<quote who="Marcin Giedz">Answer is quite simple. I need to have different aliases and virtual accounts for different virtual domains. So basically I need to split domains and add email accounts respectively to them.
Is there any way to do something like this without copying all data many times.
1) there is entry: uid=user1,ou=people,dc=xx,dc=x The entry has objectClass = person, posixAccount etc.. So there is attribute userPassword.
2) there are entries:
mail=user1@dom1,ou=domains,dc=xx,dc=x
mail=user1@dom2,ou=domains,dc=xx,dc=x
mail=user1@dom3,ou=domains,dc=xx,dc=x,
I think your design is a bit strange. Why not have these mail attributes as part of the user entry like:
mail: ghenry@suretec.org mail: ghenry@suretecsystems.com
And then do your search. You then only need one userPassword.
Regards, Marcin
however I had to copy some attributes from uid=user1,ou=people,dc=xx,dc=x like userPassword (with objectClass') to every entry @dom1,@dom2,@dom3 to be able to authenticate such user.
Now I'm wondering if there is any way to NOT copy attribute userPassword (and others) to @dom1.... but rather "create" reference to uid=user1,ou=people,dc=xx,dc=x in every @domX so when ldapsearch is performed I will be able to get userPassword using filter (mail=user1@dom1) and authenticate user1?
Regards, Marcin
-- ARISE M.Giedz, T.ÃÂebruÃâ sp.j. http: www.arise.pl mail: giedz@arise.pl tel: +48 502 537 157
-- ARISE M.Giedz, T.ÅebruÅ Sp.j. http: www.arise.pl mail: giedz@arise.pl tel: +48 502 537 157