From: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; To: "Juan Hernandez" <jhernand(a)redhat.com&gt; Cc: engine-devel(a)ovirt.org Sent: Wednesday, May 22, 2013 1:47:42 PM Subject: Re: [Engine-devel] Any reason to use UUID instead of name or dn? ----- Original Message ----- > From: "Juan Hernandez" <jhernand(a)redhat.com&gt; > To: engine-devel(a)ovirt.org > Sent: Wednesday, May 22, 2013 1:35:56 PM > Subject: [Engine-devel] Any reason to use UUID instead of name or dn? > > Hello all, > > I am working on a series of changes with the objective to simplify the > LDAP layer and make it more generic. One of the things that I would like > to do is to use the name or dn attributes to identify the users/group > instead of the UUIDs as we currently do. Can someone explain me if there > is any powerful reason to use the directory specific UUIDs (objectGUID > in ActiveDirectory, nsUniqueId in RHDS, etc) instead of user/group names > or distinguished names? Hi, If you define an entity and then delete and define an entity at the same name, the new entity should not inherit the permissions of the previous entity. So resource based security always hold unique identifier for entities, it can be UUID, UID or any unique string. Regards, Alon.

_______________________________________________ Engine-devel mailing list Engine-devel(a)ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-devel