[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: dn syntax, etc.

At 09:02 AM 6/28/00 -0700, Hugh Caley wrote:
>A couple of questions:
>1. I am creating a contacts database for my users.  I am using dc=contact in
>the dn for each entry (to differentiate from our staff list), which works
>fine, but of course it doesn't really seem like a "domain component" to me.
>Is there something better to use here?

Unless contact is a component of a domain name, don't use dc.  The
use of domain components (dc) implies a mapping into/from domain names.
You might consider "ou".

>2. I would like to add the name of the owner of the contact to the dn, so that
>I can choose to search all contacts or just the owner's contacts by changing
>the searchbase.  Is this possible?  I haven't figured out how to use an
>"owner=" part of the dn.  Or am I way off base here?

You are likely better off storing personal contacts under the
owner's entry and 'public' contacts in a common container such
as ou=contacts.  Then, you can search per user contacts by setting
your base to the user's dn and search common contacts by setting
the dn to common container and search all contacs by setting
the base to the root of the naming context.  Such naming facilates
implementation of access controls.