[Date Prev][Date Next] [Chronological] [Thread] [Top]

users and groups



I have users who have to authenticate for 1 service with simple
username/password. But these users belong to different companies.

I want to:

- keep a per company overview of users
- avoid two users with the same uid

What is the best structure to use:

Option1:
*****************************************
ou=users,dc=example,dc=com
  |
  |\_ou=company1
  |    |\_uid=user11
  |    |\_uid=user12
  |
  |\_ou=company2
  |    |\_uid=user21
  |    |\_uid=user22
  |
  |\_ou=company3
  |    |\_uid=user31
  |    |\_uid=user32
*****************************************


Option2:
****************************************************
ou=users,dc=example,dc=com
  |
  |\_uid=user11
  |\_uid=user12
  |\_uid=user21
  |\_uid=user22
  |\_uid=user31
  |\_uid=user32

ou=company1,dc=example,dc=com
  |
  |\_member="uid=user11,ou=users,dc=example,dc=com"
  |\_member="uid=user12,ou=users,dc=example,dc=com"
  |
ou=company2,dc=example,dc=com
  |
  |\_member="uid=user21,ou=users,dc=example,dc=com"
  |\_member="uid=user22,ou=users,dc=example,dc=com"
  |
ou=company3,dc=example,dc=com
  |
  |\_member="uid=user31,ou=users,dc=example,dc=com"
  |\_member="uid=user32,ou=users,dc=example,dc=com"
****************************************************

Both options work of course, but a disadvantage of option1 is that
duplicate uid's are possible. Or are there any other options possible?

Richard.

-- 
___________________________________________________________________
Recursion: see recursion

+------------------------------------------------------------------+
| Richard Lucassen, Utrecht                                        |
| Public key and email address:                                    |
| http://www.lucassen.org/mail-pubkey.html                         |
+------------------------------------------------------------------+

Attachment: pgpXUXT37D1nb.pgp
Description: PGP signature