[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: DN question



On Thu, Aug 14, 2008 at 05:18:02PM +0200, Michael Ströder wrote:

> You can use either just attribute 'mail' as characteristic attribute for 
> forming the RDN.
> 
> mail=jsmiths,<..rest of DN..>
> mail=johnsmiths,<..rest of DN..>
> 
> Or you could use so-called multi-valued RDNs:
> 
> cn=John Smiths+mail=jsmiths,<..rest of DN..>
> cn=John Smiths+mail=johnsmiths,<..rest of DN..>

Another approach is to use some attribute that is unique and is
not ever going to change. The easiest way to be sure of this is
to make up a value and put it in 'uniqueIdentifier'. That way
you do not have problems with clashes and you never have to
rename entries.

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------