problem: you have one directory A with users and groups, and want that to be synchronized with directory B. however, any user not in A should remain in B, but without any membership to any group.
constraint: minimize system downtime, ie the time users are unnecessarily removed from the system or a group.
solution:
do you have any better solutions?
constraint: minimize system downtime, ie the time users are unnecessarily removed from the system or a group.
solution:
- grab all users and groups from A
- add missing users to B
- compare existing groups in A and B and delete from B those that don't exist in A
- loop over groups in B
- for each group in B, loop through all users
- if the user does not have group membership in A, remove it from B
- for each group in B, loop through all users
- go through all users in A and add them to the corresponding groups in B
do you have any better solutions?
No comments:
Post a Comment