
multiple subdomains...what to do



Hello,

We have a number of offices connected to our central office via VPNs.
Every office has a Linux server in it running mail services, samba, etc.

I would like to use LDAP for all of the system
DBs (passwd, protocols, dns, services, etc.) as well as samba and mail. I am
under the impression that I can have a "Master" LDAP server at the main
office and replicate it out to LDAP servers at each location.

I want to be able to add users to the master and have it propagated to the
appropriate remote office.

I have been reading as much as I can on this but I am a little confused on
my initial setup of this.

Right now my main question is on how to set up the hierarchy in the main
LDAP server. While reading "Understanding and Deploying..." the closest
examples show a setup like this:

           dc=com
             |
        dc=mydomain
            /  \
           /    \
   ou=New York  ou=Paris


I am ignorant here, but I was picturing something like this for us:

               dc=com
                 |
            dc=mydomain
            /  \     \   \
           /    \     \   \-----------\
          /      \     \               \
      ou=people  etc   dc=subdomain1   dc=subdomain2
                           /    \          /    \
                          /      \        /      \
                    ou=people    etc  ou=people  etc


Do I have the wrong idea or what? Should each subdomain be an
organizationalUnit of the rootdn? Or is the above going in the right
direction?

Every office needs (obviously) to stand alone without *having* to refer to
another server; the primary goal here is to create a central management
database.

Thanks for any help/advice!

shawn