Hi,

I have had an LDAP that stores POSIX users, and it's been OK for the last few months. This has basically been used for protecting some pages on web sites, and allowing users to FTP pages to their home directories for their web sites.

This is an example entry in the LDAP:

dn: uid=school, ou=people, dc=sws, dc=oldham, dc=uk,dc=net
objectClass: top
objectClass: school
objectClass: posixAccount
objectClass: shadowAccount
schoolName: School Primary School
schoolType: Primary
DfES: 9999
commonName: School Primary School
uid: school
uidNumber: 1002
gidNumber: 1000
gecos: School Primary School
loginShell: /bin/false
homeDirectory: /exports/httpd/oldhamschuk/school
shadowLastChange: 10877
shadowMin: 0
shadowMax: 999999
shadowWarning: 7
shadowInactive: -1
shadowExpire: -1
shadowFlag: 0
userPassword:: asdASDDSAasd

My first question is, as you can see, schoolName, commonName and gecos all contain the same value; without changing the schemas, is there any way I can store this value once, and refer between them? I would just like to hold schoolName and commonName, and gecos all point to this.

The second part is similar, but due to a new requirement. I have been asked to give each school a new account so that they can ftp secure data to a server for collection within our network. I can't use the same ftp location as the web site in case they make a mistake and put the data somewhere where it could be accessible over the web. This second account would also need a different username and password as it has to be compatible with an existing system.
This second account would look like this:

dn: uid=9999, ou=people, dc=sws, dc=oldham, dc=uk,dc=net
objectClass: top
objectClass: school
objectClass: posixAccount
objectClass: shadowAccount
schoolName: School Primary School
schoolType: Primary
DfES: 9999
commonName: School Primary School
uid: 9999
uidNumber: 1999
gidNumber: 1001
gecos: School Primary School
loginShell: /bin/false
homeDirectory: /exports/ftpd/pub/schools/school
shadowLastChange: 10877
shadowMin: 0
shadowMax: 999999
shadowWarning: 7
shadowInactive: -1
shadowExpire: -1
shadowFlag: 0
userPassword:: asdASDDSAasd

As you can see, most of this data is duplicated data. Is there any way I can just store the new POSIX account, but use the UID of the second account to refer to the first account to obtain the rest of the data?

Am I thinking about this problem in the totally wrong way? :)

Thanks,

--
Andrew McCall
Linux & Internet Systems Administrator
I.C.T. Division
Oldham MBC
Civic Centre
West Street
Oldham
OL1 1UU
Tel : 0161 911 3990
Fax : 0161 911 3998
Email : it.andrew.mccall@oldham.gov.uk