Role is a comprehensive grouping mechanism used in a directory server. In a client-server directory system, roles transfer some of the complexity to the directory server. A role is defined by its role definition entry. Assigning entries to roles enables applications to locate the roles of a target entry, rather than select a group and browse the members list. By changing a role definition, a user can change an entire organization with ease. Any client with appropriate access privileges can discover, identify and examine any role definition. An enumerated role is one that contains a list of target entries as members. By simply searching for the membership of the enumerated role, a client application will obtain a list of all members that possess that enumerated role.