List: ldap
Subject: [ldap] On DIT layout planning
From: Maykel Moya <moya () infomed ! sld ! cu>
Date: 2005-10-06 1:18:30
Message-ID: 20051006011830.GB10063 () julia ! sld ! cu
Don't know if this is On-Topic...

We are close to migrating the mail system I maintain to LDAP. The user
info is currently in a big /etc/passwd.

I've created class 'sldPerson' (structural) to get the main data for
every user of our services. Then I've created other auxiliary classes
for those having other services, for example: virtualMailAccount and
radiusAccount.

I plan to use uid=foo as RDN, every user under dc=my,dc=domain,dc=com
but noted that uid for RDN will reduce my namespace. So I decided to
use mail as RDN, that even adapts to adding other hosted virtual mail
domains.

The problem with mail is that it forces me to have a mail attribute,
and not every sldPerson should have a mail. sldPerson just adds a
little stuff to InetOrgPerson. Now, I'm thinking of using cn as RDN. I
asked some days ago about having cn as RDN, they said it's a common
practice.

Well, the problem with cn is normalization. Lusers that put an 'e'
instead of 'é' will suffer. Besides, people are normally adapted to
type in a login instead of a complete name. Don't know how to solve
this.

On the other hand, I'd like to have accounts of network/system
administrators in the DIT. I'm thinking of having a separate OU for
this, and using posixAccount/posixGroup for accounts. In this OU, though,
a uid as RDN is mandatory.

Well, I'd like to hear comments, criticism, advice, hints, tips or even a
referral to the correct list.

Regards,
maykel