[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: reference to other entry - question

Buchan Milne wrote:
On Wednesday, 4 July 2007, Marcin Giedz wrote:
Gavin Henry napisaÅ(a):
<quote who="Marcin Giedz">

Is there any way to do something like this without copying all data many

1) there is entry: uid=user1,ou=people,dc=xx,dc=x
The entry has objectClass = person, posixAccount etc.. So there is
attribute userPassword.

2) there are entries:
I think your design is a bit strange. Why not have these mail attributes
as part of the user entry like:

mail: ghenry@suretec.org
mail: ghenry@suretecsystems.com

And then do your search. You then only need one userPassword.
Answer is quite simple. I need to have different aliases and virtual
accounts for different virtual domains. So basically I need to split
domains and add email accounts respectively to them.

This requirement doesn't preclude the solution Gavin proposed. In fact, I have a system running similar to this (however using mailAlternateAddress).

Can you explain why you can't just effectively have multiple aliases which span multiple domains on one entry ? Is it some limitation in your MTA, or your configuration ?

For example, if the only reason you can't use this is because you are using mail as the naming attribute ... maybe you should select a different naming attribute?

No it's not because of mail attrib it's rather because of homeDirectory. For every virtual domain I need to have different homeDirectory. So when user1@dom1 logs in it is given, homeDirectory=/home/user1/dom1/ but when logs in as user1@dom2 -> homeDirectory=/home/user1/dom2/ ..... that's why I need to distinguish this attribute in LDAP.

My first idea was to build overlay to update userPassword for particular user in EVERY entry in LDAP - but building such overlay is not so trivial.

Really thanks for your help.



ARISE M.Giedz, T.ÅebruÅ sp.j.
http: www.arise.pl
mail: giedz@arise.pl
tel: +48 502 537 157