[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ldap design - pls comment
Hi,
After much advice from all helpful folks here, I've managed to come out with
an initial design.
1. I'm thinking of designing my name space design as shown below. Any
advice/comment is greatly appreciated.
dn: dc=company, dc=com
objectclass: dcobject
dc: company
dn: ou=departments,dc=company,dc=com
objectclass: organizationalunit
ou: departments
dn: ou=people,dc=company,dc=com
objectclass: organizationalunit
ou: people
dn: o=departmentName1, ou=departments,dc=company,dc=com
objectclass: organization
o: departmentName1
dn: o=departmentName2, ou=departments,dc=company,dc=com
objectclass: organization
o: departmentName2
dn: uid=username1,ou=people,dc=company,dc=com
objectclass: organizationalperson
objectclass: inetorgperson
uid: username1
cn: username1
o: depepartmenName1
dn: uid=username2,ou=people,dc=company,dc=com
objectclass: organizationalperson
objectclass: inetorgperson
uid: username2
cn: username2
o: depepartmenName2
2. Is sub-dividing departments and users using ou=people and ou=departments
recommended and the usual practice? Can I do without it or it's better to
have?
3. Is there any hierarchy between o and ou. I always thought that o should
be higher hierarchy than ou (i.e dn:
ou=department,o=department,dc=company,dc=com). Is this true? Any problem
using "dn: ou=department,o=department,dc=company,dc=com"? What is difference
for the following DNs design? Which is the recommended design pls?
dn: o=departmentname, ou=departments, dc=company,dc=com or
dn: ou=departmentname, o=departments, dc=company,dc=com or
dn: cn=departmentname, ou=department, dc=company,dc=com or
dn: cn=departmentname, o=department, dc=company,dc=com or
Many thanks for your time and advice.
Best Regards.