I have users who have to authenticate for 1 service with simple username/password. But these users belong to different companies. I want to: - keep a per company overview of users - avoid two users with the same uid What is the best structure to use: Option1: ***************************************** ou=users,dc=example,dc=com | |\_ou=company1 | |\_uid=user11 | |\_uid=user12 | |\_ou=company2 | |\_uid=user21 | |\_uid=user22 | |\_ou=company3 | |\_uid=user31 | |\_uid=user32 ***************************************** Option2: **************************************************** ou=users,dc=example,dc=com | |\_uid=user11 |\_uid=user12 |\_uid=user21 |\_uid=user22 |\_uid=user31 |\_uid=user32 ou=company1,dc=example,dc=com | |\_member="uid=user11,ou=users,dc=example,dc=com" |\_member="uid=user12,ou=users,dc=example,dc=com" | ou=company2,dc=example,dc=com | |\_member="uid=user21,ou=users,dc=example,dc=com" |\_member="uid=user22,ou=users,dc=example,dc=com" | ou=company3,dc=example,dc=com | |\_member="uid=user31,ou=users,dc=example,dc=com" |\_member="uid=user32,ou=users,dc=example,dc=com" **************************************************** Both options work of course, but a disadvantage of option1 is that duplicate uid's are possible. Or are there any other options possible? Richard. -- ___________________________________________________________________ Recursion: see recursion +------------------------------------------------------------------+ | Richard Lucassen, Utrecht | | Public key and email address: | | http://www.lucassen.org/mail-pubkey.html | +------------------------------------------------------------------+
Attachment:
pgpXUXT37D1nb.pgp
Description: PGP signature