The idea is to enable JON administrators to associate JON roles to LDAP groups, rather than having to manually create JON roles and map JON users to them. We need to document setting up this process and what a user sees when the log in the first time after LDAP authorization is setup. Design wiki: http://rhq-project.org/display/RHQ/Design-LDAP+Integration We also need to test how this scales, e.g. a dozen JON roles each associated with half a dozen ldap groups, along with a 1000 groups defined in total on the ldap server and have each JON user a member of 50 of those groups.
Closing these trackers.