I was wondering whether someone could help me out
with my schema, I am somewhat confused!
Here is the project:
Our company has clients
we have multiple project teams for clients (some projects are internal, however, and are not assigned to a client) We have two types of people, team members and experts (some people are both, however an expert only cannot be assigned to a team) a person logs in and is able to see all the other members in their project team(s) (source experts don't log in) In addition people can always see all the source experts My schema is defined as follows: dc=acme
dc=com c=usa ou=people (attribute to distinguish members from
experts)
cn=person1, type=member
cn=person2, type=member,
type=expert
ou=clients cn=client1 cn=project1, project2... (cn=client1, ou=clients) cn=client2 now I need to group people into various groups,
would this be it?
dn:projects (groupofnames, members are the people,
sub tree of cn=project1)
member:person1
member:person2
dn projadmin (groupofname, an admin group of members able to add and modify people, only in their particular project) dn: suadmin (groupofnames can edit everything) do I need an cn=projects to define project length
etc or can I do that as part of a group? it doesn't quite make sense to me. Do I
even use groupofnames or simply use attributes to match people with
projects?
I don't know whether this is too hierarchical or
not... any help is appreciated!
-sacha |