[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Serving multiple suffixes

We serve University entities, registered in the DNS, under dc=$SOMETHING,dc=rutgers,dc=edu; these entities tend to be things like servers. We serve University entities, not registered in the DNS (these tend to be things like organizations) under "o=Rutgers $SOMETHING,c=US". I'm not a huge fan of serving an empty suffix nor c=US, so these are all separate "suffix" directives in slapd.conf and different physical directories in the filesystem. We also make use of glue in a way that means that not everything should be under the dc=rutgers,dc=edu area.

Of course there's no strict need to do this. I could just register one DNS label and enforce ou=$SOMETHING,dc=aaronsdomain,dc=rutgers,dc=edu for everybody (DNS registered or not). I'd say a large factor is cosmetic and, of most importance to me, ease of typing (i.e. shorter). A single organizationalUnit-minded tree would create fairly lengthy DNs at an organization of our size (unless I made meaningless "ou=a" and "ou=b" to save characters). Bottom line: Yeah, we do this.

On Fri, 13 Jul 2007, Dave Horsfall wrote:

Just curious; are we the only ones on the planet (or at least, this
mailing list) using a single instance of SLAPD to serve multiple disparate
suffixes?

To clarify, we serve (as separate physical directories in the Unix file
system etc) suffixes such as (redacted): dc=a,dc=b,dc=c, dc=x,dc=y,dc=z
etc.  To make matters worse, for political i.e. managerial reasons, some
suffixes must be completely unaware of the existance of others.

Or is this more common than I thought?

--
Dave Horsfall DTM VK2KFU  Ph: +61 2 9552-5509 (direct) +61 2 9552-5500 (switch)
Corinthian Eng'ng P/L, Ste 54 Jones Bay Whf, 26-32 Pirrama Rd, Pyrmont 2009, AU