[prev in list] [next in list] [prev in thread] [next in thread]
List: ldap
Subject: [ldap] Antwort: Tree Organization Design [Virus checked]
From: denis.havlik () t-mobile ! at
Date: 2004-04-26 7:40:31
Message-ID: LYRIS-886202-709950-2004.04.26-03.41.02--ldap#progressive-comp.com () listserver ! itd ! umich ! edu
[Download RAW message or body]
This is a multipart message in MIME format.
--=_alternative 002A296EC1256E82_=
Content-Type: text/plain; charset="us-ascii"
> Hi everyone!
> In fact, every organization have specific needs, hence, have a specific
ldap tree organization. In general, which may be "best practices" to
design a optimal (best >ldap performance) tree organization?, on other
hand, which may be "worst pratices" ?...
In general, there are two quasi-standards:
the first one comes from X500 world, and the tree structure is heavily
based on the organisational structure of the company. DNs look somewhat
like this:
dn: CN=Donald Duck,OU=IT,O=Company,C=<Country code>
This type of structure has a tendency of building up deap trees with just
a few entries in each final branch.
The second one is based on Internet domain names, and usually implies
rather shallow tree structures (all the employees of one company may be in
one big pot). DNs look like this:
uid=duckd,ou=People,dc=duck,dc=org
where duck.org is the donald's internet domain name...
There are cases where neither of the two is suitable, and unfortunately I
have to live with such a case: big international company that consists of
several international subcompanies. The only sensible way to handle this
is IMO by starting with mother company, continuing with subcompanies, and
then with administrative units (national branches).
regards
Denis
---
You are currently subscribed to ldap@umich.edu as: [ldap@progressive-comp.com]
To unsubscribe send email to ldap-request@umich.edu with the word UNSUBSCRIBE as the \
SUBJECT of the message.
--=_alternative 002A296EC1256E82_=
Content-Type: text/html; charset="us-ascii"
<br>
<br>
<br><font size=2 face="sans-serif"><br>
>Hi everyone!</font><font size=3 face="Times New Roman"> </font><font size=2 \
face="sans-serif"><br> >In fact, every organization have specific needs, hence, \
have a specific ldap tree organization. In general, which may be "best \
practices" to design a optimal (best >ldap performance) tree organization?, \
on other hand, which may be "worst pratices" ?...</font><font size=3 \
face="Times New Roman"> <br> </font><font size=2 face="sans-serif"><br>
In general, there are two quasi-standards: </font>
<br>
<br><font size=2 face="sans-serif">the first one comes from X500 world, and the tree \
structure is heavily based on the organisational structure of the company. DNs look \
somewhat like this:</font> <br>
<br><font size=2 face="sans-serif">dn: CN=Donald Duck,OU=IT,O=Company,C=<Country \
code></font> <br>
<br><font size=2 face="sans-serif">This type of structure has a tendency of building \
up deap trees with just a few entries in each final branch.</font> <br>
<br><font size=2 face="sans-serif">The second one is based on Internet domain names, \
and usually implies rather shallow tree structures (all the employees of one company \
may be in one big pot). DNs look like this:</font> <br>
<br><font size=2 face="sans-serif">uid=duckd,ou=People,dc=duck,dc=org</font>
<br>
<br><font size=2 face="sans-serif">where duck.org is the donald's internet domain \
name...</font> <br>
<br><font size=2 face="sans-serif">There are cases where neither of the two is \
suitable, and unfortunately I have to live with such a case: big international \
company that consists of several international subcompanies. The only sensible way to \
handle this is IMO by starting with mother company, continuing with subcompanies, and \
then with administrative units (national branches).</font> <br>
<br><font size=2 face="sans-serif">regards</font>
<br><font size=2 face="sans-serif"> Denis</font>
---
You are currently subscribed to ldap@umich.edu as: [ldap@progressive-comp.com]
To unsubscribe send email to ldap-request@umich.edu with the word UNSUBSCRIBE as the \
SUBJECT of the message.
--=_alternative 002A296EC1256E82_=--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic