[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: DN question?





--On Friday, November 14, 2003 3:35 PM -0500 Raj Balasubramanian <r0x61j@comcast.net> wrote:

Hello All
Wanted to get an idea of what is the thought process out there in
deciding on a DN? I am specifically curious about DN of format
uid=<id>,ou=users,o=abc (flater) vs. uid=<id>,ou=<mydept>,o=abc (with one
or more flexible OUs).
I have seen the flatter kind more so than the latter, as there are less
dependcies on keeping DN sync with various application storing the DN for
authorization. I also like the idea of having atleast one OU specific to
a grouping of users (division/.dept etc.) so the ACL can be generically
set (if apps support wildcards..
What are some of the common working DN implementations out there?
Thanks in advance and please accept my apoloies if this is a repeat
question.

In relation to this, I'm curious about ou/o vs. dc. We use uid=x, cn=accounts,dc=stanford,dc=edu for example, rather than uid=x, ??=accounts,ou=stanford,o=edu. What are the pros/cons? Is there a particular reason to use one syntax over the other?


--Quanah


-- Quanah Gibson-Mount Principal Software Developer ITSS/TSS/Computing Systems ITSS/TSS/Infrastructure Operations Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html