[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: name space design



>Thanks for your advice.
>
>I'm thinking of the following design:
>
>dn: uid=username, dc=company, dc=com
dn: uid=username, ou=People, dc=company, dc=com
>objectclass: .....
objectclass: posixAccount
>....
>o: departmentName
>
>dn: o=departmentName, dc=company, dc=com
dn: o=departmentName, ou=Departments, dc=company, dc=com
>objectclasss: organization
>o: departmentName

You also need entries for:
dn: ou=Departments, dc=company, dc=com
dn: ou=People, dc=company, dc=com
which must be added before the above.

>
>Any comments on this design would be greatly appreciated.

Think of the ldap directory as a filesystem heirachy, you want different
kinds of files (ldap entries) in different directories.

See the rfcs included with openldap.  I even think there's one that
recommends how departments are layed out.
>
>I'm having another question: what is the best way to search the ldap
>database for the next uidnumber to be assigned to a new user.

There isn't one as far as I know.  The usual kludges are used: look through
them all or keep your own record of next id.


Karl

May the Legos (TM) always be swept from your path in the night.