[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: name space design
>Hi Karl,
>
>Thanks for your help. May I check with you the following:
>
>1. What is difference for the following DNs design? Which is the recommended
>design pls? Is there any hierarchy between o and ou. I always thought that o
>should be higher hierarchy than ou (i.e
>ou=department,o=department,dc=company,dc=com). Is this true?
>dn: o=departmentname, ou=departments, dc=company,dc=com or
>dn: ou=departmentname, o=departments, dc=company,dc=com or
>dn: cn=departmentname, ou=department, dc=company,dc=com or
>dn: cn=departmentname, o=department, dc=company,dc=com or
I don't know the recommendations on this. Your thoughts are probably right.
>
>2. Where can I find the "rfcs included with openldap" that you mentioned
>below.
In the tarball they are in the doc(s?) directory. In the rpm they are in
/usr/doc/openldap... There are lots. I'm always having to grep them.
>
>Best Regards.
>
>----- Original Message -----
>From: Karl O. Pinc <kpinc@artic.edu>
>To: Corisen <csyap@starnet.gov.sg>
>Cc: <openldap-software@openldap.org>
>Sent: Tuesday, November 28, 2000 11:21 PM
>Subject: Re: name space design
>
>
>> >Thanks for your advice.
>> >
>> >I'm thinking of the following design:
>> >
>> >dn: uid=username, dc=company, dc=com
>> dn: uid=username, ou=People, dc=company, dc=com
>> >objectclass: .....
>> objectclass: posixAccount
>> >....
>> >o: departmentName
>> >
>> >dn: o=departmentName, dc=company, dc=com
>> dn: o=departmentName, ou=Departments, dc=company, dc=com
>> >objectclasss: organization
>> >o: departmentName
>>
>> You also need entries for:
>> dn: ou=Departments, dc=company, dc=com
>> dn: ou=People, dc=company, dc=com
>> which must be added before the above.
>>
>> >
>> >Any comments on this design would be greatly appreciated.
>>
>> Think of the ldap directory as a filesystem heirachy, you want different
>> kinds of files (ldap entries) in different directories.
>>
>> See the rfcs included with openldap. I even think there's one that
>> recommends how departments are layed out.
>> >
>> >I'm having another question: what is the best way to search the ldap
>> >database for the next uidnumber to be assigned to a new user.
>>
>> There isn't one as far as I know. The usual kludges are used: look
>through
>> them all or keep your own record of next id.
>>
>>
>> Karl
>>
>> May the Legos (TM) always be swept from your path in the night.
>>
>>
Karl
May the Legos (TM) always be swept from your path in the night.