[Date Prev][Date Next] [Chronological] [Thread] [Top]

Directory design question


I found this post ( http://www.openldap.org/lists/openldap-software/200305/msg00288.html ) about multiple suffixes, and I am wondering about my implementation and I would like your opinions about it ( should I be using ldap?,etc...)

I am using the ldap server for storing users, password, roles, permissions2roles, users assigned to roles and I am defining different suffixes for each "company" that the users belongs to, each company can have different roles from the baseones, etc...

A j2ee app is validating all the security stuff against this directory.

I have 2 problems with this setup:
1. An problem with searches ( the other post I sent to the mailing list). which is getting terribly annoying
2. Each time I have to register a new company ( for an inventory control system ) I have to make three steps:
A. Insert a row in db table
B. Add a new database in slapd.conf
C. Restart slapd...

I don't like it...

What do you think? Any advice will be welcome!