[Date Prev][Date Next] [Chronological] [Thread] [Top]

Help in designing a directory

Hello all,

I'm a newbie to OpenLDAP (and LDAP in general for that matter).  I plan to
deploy a directory server to address the following issues:

- centralized authentication (my SMTP, POP3, IMAP4, HTTP, cache, etc.
systems already have LDAP support) with encrypted passwords
- publishing a searchable public directory of our users (user selects what
info he wants published)
- publishing a closed directory of our users (all information can be viewed
but access is limited to certain groups which are defined within the
directory itself)
- easy distribution of bulletins, flash news, emergency notifications, etc.
- because this is a pilot implementation, I need it to be free
- integration with our in-house developed accounting, billing, inventory and
system/network/user management systems

What I need help on are the following:

- tips on designing the structure of the directory system (automatic
failover, security, efficiency, etc.)
- tips on designing the schema
- sample configurations that could help me cover the above-mentioned issues
- an explanation on how I could connect our in-house developed systems
(which use SQL backend databases) to the directory and use LDAP
- sample on how I could add a new "tag" to the directory e.g. MACADDR (MAC
address as in 00-00-B0-0B-02-1D)

I am trying to understand LDAP but the process is slow (I do have other
concerns that need attention).  LDAP documentation for newbies
(straightforward explanations without the in-depth technical details) is
scarce at the moment or maybe I just haven't found it yet.  I could probably
solve my problems using a database but I strongly believe LDAP is the

People may not believe it but there are only 5 of us running this company
with about 100 users.  We desperately need to simplify and centralize our
processes. I believe LDAP would do the job just fine so I hope someone here
can help.

I know my request would probably warrant a paid consultant but where we are,
I don't believe anyone has had experience with LDAP.  If we pay someone,
he'll probably end up asking a list like this anyway.  We figured we'd keep
the money and just ask ourselves  :-)

Thanks in advance.

M. Yu