[Date Prev][Date Next]
Re: users, groups, etc. for posix authentication?
Christ Schlacta wrote:
A POSIX system considers usernames to be a flat namespace. If you store them
in separate branches of a directory, you create the possibility of having
duplicate names in separate branches, and the base OS will not be able to
is there any reason that a posix usernames, groups, passwords, etc. must
be stored in distinct locations in a directory ? I realize this mostly
applies to the padl pam/nis and the libnsspam-ldapd module specific.
can they be stored in other structures effectively and usefully? can
they be stored on a department by department basis, or in any other
organizational scheme? (ou=arbitrary1,dc=... having groups and users,
while ou=arb2,ou=arb3,dc=... also has users and groups?) if a scheme
like the above is used, will all users and groups be available on a
system? must they be free of naming conflicts, or will
group=users,ou=arbitrary1,... be different from
group=users,ou=arb2,ou=arb3,... ? if they're different, how would this
be indicated by the systems?
This question has nothing to do with LDAP and has no place on this forum.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/