Survey Strategy and Goals
The intent of this survey is to collect feedback from a variety of institutions and organizations within higher education about their current Directory Group usage in LDAP, their current and anticipated needs for Directory Groups, and what gap(s) they see between the tools they currently have at their disposal and what would meet their needs. Our aim is to then use the results of the survey process to inform our thinking about Directory Group tools and to measure existing tools with an eye toward making them as widely useful as possible.
Please contribute!
Below are the beginnings of the survey, containing questions that have been thought of by members of the MACE-Dir Working Group. If you have any comments, suggestions, corrections, additional questions, etc. that you feel are appropriate, please feel free to edit this document directly. We only ask that you comment on any changes you make so that we can keep track of the rationale for changes as they are made.
Survey Draft
Directory groups can be used for provisioning and authorization.
For those using groups in LDAP:
- What directory product or product(s) are you using?
- If you are using more than one product, are you synchronizing them, and if so, how?
- Are the standard object classes sufficient for your needs?
- Are you using static groups, dynamic groups, or a mixture of both? Why?
- If you are using static groups, how do you go about generating them? Are they on an as-needed basis? Are they created by hand? Is there an automatic tool that creates the base strutcure for you?
- If you are using dynamic groups, how do you go about generating them? Are they created dynamically, or just populated dynamically? Are they created/populated from basic LDAP filters, or is more complex coding required?
- Do you use groups for authorization or primarily release collections attributes to applications?
- If you use groups for roles, then how, if you do, do you address exceptions to the roles/group membership?