Sun Java Communications Suite 5 Schema Reference

Delegation of Management

Managed group object classes are used to specify arbitrary groupings of users or groups (and possibly other resources defined in the LDAP directory) so that management of these resources can be delegated to another user. Examples of such groupings are DNS domain boundaries, and departments.

Managed Group

Managed groups commonly have different rules for adding or deleting members. To enable policy differences in the administration of groups, an instance of the object class inetOrgPerson, with its associated policy attributes, must exist for each managed group.

Store Administrator

To define a group of administrators for domains, the object class inetMailAdministrator is used to grant members administrative privileges over users in the same domain where the group is defined.