[Date Prev][Date Next] [Chronological] [Thread] [Top]

Five fundamental questions from a newbie

To: OpenLDAP General <openldap-general@OpenLDAP.org>
Subject: Five fundamental questions from a newbie
From: Marian Steinbach <marian@sendung.de>
Date: Thu, 13 Jan 2000 23:04:32 +0100

Hi!

For a small university faculty I am testing OpenLDAP as central
directory for UNIX accounts, e-mail-aliases, web authentication
and so on, like many others do or have done succesfully. Now I
have some questions dealing with the scheme and with the
strategy for database maintainance as well as with the
integration of different platforms.

1) The Right dn

Which attributes are used best for the dn? I have tried out the
way that is described in the SLAPD/SLURPD administrator´s guide
, taking the whole cn created by gn and sn as part of the dn.

Like this:
dn: cn=Marian Steinbach, ou=Design, o=Fachhochschule Koeln, c=DE

For my name this is long enough, let allone "Catharina Erika
Ortega Carrion" and those. The second problem is that people
whon´t ever keep in mind which names they used for the account.
So I plan to use a dn like

dn: uid=marian, ou=Design, o=Fachhochschule Koeln, c=DE

Are there any disadvantages about this? To me this seems more
usefull and I was wondering why the written guide used
non-unique names...

2) Different objectClasses in one entry

What is it good for that one makes an entry belong to more than
one objectClass? And what is the "top" class good for? For me it
seems as if this was against real "order" in the directory tree.
An example explaining the reason would help me a lot!

3) Creation and Maintainance

As the necessary user information is held in different sources
(database, user and group files) I wrote a Perl script which
merges the data into one large LDIF file. What will happen to
the existing entries in the LDAP database when I (ldap)add data
from a newer LDIF file? Are they supposed o be overwritten or
will OpenLDAP respond with an error saying that the entry
allready exists (which made an update quite difficult)?

4) Macintosh Integration

Are there solutions to integrate MacOS Worstations into a LDAP
authentication environment? Any way making use of AppleShare-IP,
Netatalk or other Software, as well as of commercial products,
would be interesting.

5) Windows NT 4 Intgration

Same as above for Windows NT. Windows NT Server as PDC or Samba
would do fine, other suggestions are welcome too.


Thanks a lot!

Marian

Follow-Ups:
- Re: Five fundamental questions from a newbie
  - From: "Kurt D. Zeilenga" <kurt@OpenLDAP.org>
- Re: Five fundamental questions from a newbie
  - From: Wil Cooley <wcooley@nakedape.cc>
- Re: Five fundamental questions from a newbie
  - From: Dave Carrigan <dave@rudedog.org>
- Re: Five fundamental questions from a newbie
  - From: Salvador Salanova Fortmann <salvador.salanova@pas.udg.es>

Prev by Date: Re: RH61 pam_ldap
Next by Date: Re: Five fundamental questions from a newbie
Index(es):
- Chronological
- Thread