[Date Prev][Date Next] [Chronological] [Thread] [Top]

Namespace Design

Greets,
 
I have a namespace design question.  I have an OpenLDAP server set up.  I am going about designing a professional, robust namespace to support a number of applications, such as phonebook, org chart, POSIX account repository, etc...  I am using "Understanding and Deploying LDAP Directory Services" by Howes, Smith and Good as my guiding light.
 
The book states to design your namespace as a semi-hierarchy with a relatively flat base.  That is, to create containers of like objects.  This is better than trying to create your organizational layout as the framework of your directory because of re-orgs, etc.  Assume the following:
 
o=example, dc=com
 
ou=People, o=example, dc=com
ou=IT, o=example, dc=com
ou=IT, ou=Telecommunications, o=example, dc=com
 
cn=User1, ou=People, o=example, dc=com
cn=User1
objectclass=inetOrgPerson
sn=User1
ou=IT
 
cn=User2, ou=People, o=example, dc=com
cn=User2
objectclass=inetOrgPerson
sn=User2
ou=Telecommunications
 
In this loose example, I have 2 users who are people objects.  They belong to ou=People.  However, for their departments, they belong the the respective ou for that department.  IT has a sub-unit of Telecommunications.  User1 belongs to IT.  User2 belongs to IT->Telecommunications.
 
I agree with this design philosophy.  I see how it makes administration easier, especially from an OpenLDAP perspective.
 
Here is my dilemma.  I need to move my OpenLDAP structure over to Novell Directory Services.  I am being told by admins and by NDS books that the "flat" structure that everyone is recommending (see my example above) is not a good design strategy.  NDS wants a pyramid representing the organization, with users belonging to each node, despite the amount of work necessary during a reorg.
 
I want to design my LDAP namespace the best way possible, but integrate it with NDS.  Is there any reason I shouldn't develop along the semi-flat layout for NDS?  Does anyone have any references I could check out?  I have trolled www.novell.com for info, as well as this list service.  I am turning to all of you for help.
 
Thanks for any replies!
 
Cheers,
Jason Mowat