To provide authorization information from LDAP,
the LDAP directory must support the posixGroup
schema.
Example LDAP entry:
dn: cn=SetPVValue,ou=Groups,dc=example,dc=com
objectClass: top
objectClass: posixGroup
cn: SetPVValue
description: Allow writing to PV.
gidNumber: 1234
memberUid: fred
memberUid: jane
The above entry defines a group "SetPVValue" with members
"fred" and "jane".
The LDAPGroupAuthorizationProvider will treat that
as granting the SetPVValue
authorization to users
"fred" and "jane".
Note that members must specifically be listed via memberUid.
In the above example, there may be a user with primary group ID 1234
that Linux would also consider to be a member of the "SetPVValue"
Linux group, but for authorization purposes such a user must also be
listed via memberUid. The numeric group ID is not used
for authorization.
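The memberUid rule can be checked against exported directory data. The following is an added example, not code from the LDAPGroupAuthorizationProvider: it derives authorizations from posixGroup entries using memberUid only and reports users who belong to a group solely through their primary group ID. The function names, the user "bob" and the primary-GID table are constructed for illustration.

```python
# Constructed sample: the entry from the text above.
SAMPLE_LDIF = """\
dn: cn=SetPVValue,ou=Groups,dc=example,dc=com
objectClass: top
objectClass: posixGroup
cn: SetPVValue
description: Allow writing to PV.
gidNumber: 1234
memberUid: fred
memberUid: jane
"""
# Constructed: user name -> primary group ID, as /etc/passwd would list it.
SAMPLE_PRIMARY_GIDS = {"fred": 1234, "jane": 500, "bob": 1234}

def parse_ldif(text):
    """Parse simple LDIF (no base64 values) into a list of attr -> [values]."""
    entries, current, last = [], {}, None
    for line in text.splitlines() + [""]:
        if not line.strip():                 # blank line ends an entry
            if current:
                entries.append(current)
            current, last = {}, None
        elif line.startswith(" ") and last:  # folded continuation line
            current[last][-1] += line[1:]
        else:
            attr, _, value = line.partition(":")
            last = attr.strip().lower()
            current.setdefault(last, []).append(value.strip())
    return entries

def authorizations(entries):
    """Map group cn -> users listed via memberUid; gidNumber is ignored."""
    return {e["cn"][0]: set(e.get("memberuid", []))
            for e in entries if "posixGroup" in e.get("objectclass", [])}

def primary_gid_only(entries, primary_gids):
    """Users in a group only by primary GID, who therefore get no authorization."""
    gaps = {}
    for e in entries:
        if "posixGroup" not in e.get("objectclass", []):
            continue
        gid, listed = int(e["gidnumber"][0]), set(e.get("memberuid", []))
        missing = {u for u, g in primary_gids.items() if g == gid} - listed
        if missing:
            gaps[e["cn"][0]] = missing
    return gaps
```

With the sample data, "bob" has primary group ID 1234 but no memberUid line, so he is reported as a gap and receives no SetPVValue authorization.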