[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Tree/ACLs design
I have user accounts with about 50 attributes (personal data, mail
attribs, services attribs,..). Now I would have to create ACLs for:
- read user data
- read attrs for qmail
- modify user (only) data
- create accounts
...
I must write ACLs with about 20 attrs ! Is it slow down ldap server ?
For example, set of user data attribs have about 20 attrs (cn, sn, l,
birthyear,.....), mail attrs too..
Or maybe I must change tree.. Move user data to another subtree ?
But it is problem with modify rights - I cannot use "self modify"
when I have data in two location (for example: givenname and
mailForwarding Address; or user password - where put this ?).
Pleas help with this.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Sylwester Lunski Szanse jedna na milion spelniaja
Email: dookie@mat.uni.torun.pl sie w dziewieciu przypadkach na
dziesiec B.E.Weatherwax
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-