[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: where to begin with design?

To: Archive User <archive@xpedite.com>
Subject: Re: where to begin with design?
From: <Hugo.van.der.Kooij@caiw.nl>
Date: Mon, 18 Dec 2000 11:25:27 +0100 (CET)
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <Pine.GSO.4.05.10012180305440.13759-100000@mailserver1.xpedite.com>

On Mon, 18 Dec 2000, Archive User wrote:

> I would like to use ldap for the following things..
>
> Netscape proxy server auth
> Netscape calendar server auth
> Netscape web server auth
> Apache web server auth
> VPN server auth (supports ldap).
> Radius server auth
> Sendmail email routing
> Corporate address book for outlook,netscape,eudora,horde/imp, and
>   a web based interface.
> Solaris 2.6, 7, and 8 auth/auto mounting
> Linux auth/auto mounting
> WinNT 4.0/2000/98 auth
>
> My biggest headache right now is trying to figure
> out a design for this whole thing..

A good LDAP client understands group membership.

So I would attack it the way I use access right under Linux. For various
resources like proxy servers and such you just create a group and add all
members that have access rights.

On my CNE4 exam I had to pass 'NDS desing and implementation' and found
most of the knowledge still usable today with LDAP. (hey, it's all X.500
derived in some way ;-)

I suggest you dig into an LDAP design book and think it through a lot. A
good tree design can save you a lot of trouble.

Hugo.

-- 
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ  Maasland
hvdkooij@caiw.nl	http://home.kabelfoon.nl/~hvdkooij/
--------------------------------------------------------------
This message has not been checked and may contain harmfull content.

References:
- where to begin with design?
  - From: Archive User <archive@xpedite.com>

Prev by Date: Is this like a bug
Next by Date: Re: Access Control
Index(es):
- Chronological
- Thread