Hello,
We are storing user accounts in OpenLDAP. Main classes used are:
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: eduPerson
User email address(es) is (are) stored in the "mail" attribute and are
also used by Postfix (which uses virtual accounts based on LDAP).
I would like to define some email accounts (with associated email
addresses) which do NOT belong to a particular user; so, in these
accounts a mail attribute would not be associated (both conceptually and
practically) with a person objectClass.
Is there a suggestion on which existing objectClass(es) (and associated
schemas, if applicable) we should use for such a purpose? I thought of
"account" (defined in cosine.schema), but it does not accept a mail
attribute. The idea would be to use something like an extended "account"
objectClass (or "account" itself, with some additional auxiliary class
to define an email address) together with simpleSecurityObject to allow
definition of a password.
Any experiences or suggestions will be appreciated.
Thanks,
Nick