When new groups are created that share a prefix, the requirement is that any defined group “lsst_N” is a superset of any subgroups, i.e. “lsst_N_1”, “lsst_N_2”. This requirement is made with the understanding that LDAP does not have a notion of subgroups and cannot enforce this requirement. It is expected to be enforced through LSST’s identity management auditing process.

Note: the above scheme allows for a group name of "lsst". This is an alias of "lsst_users". Also, if optional prefixes are not present then the underscores are not needed.

Staff Groups

For internal LSST staff, default groups hall be created with the prefix of:

...

Page tree

Versions Compared

Old Version 2

New Version 3

Key

Staff Groups

Page tree

Page History

Versions Compared

Old Version 2

New Version 3

Key

Staff Groups