PingDirectory

Working with groups

LDAP groups are special types of entries that represent collections of users. This section provides an overview of PingDirectory server group concepts and procedures on setting up and querying groups in the server.

Groups are often used by external clients to control who has access to a particular application or features. Internally, they might be used by the server to control its behavior. Groups can be used by the access control, criteria, or virtual attribute subsystems.

The specific ways in which clients create and interact with a particular group depends on the type of group being used. There are three primary ways in which clients attempt to use groups:

  • To determine whether a specified user is a member of a particular group

  • To determine the set of groups in which a specified user is a member

  • To determine the set of all users that are members of a particular group