Use OU's and the hierarchy if you have to partition your LDAP tree (so that people from accounting will not be querying dbadmin or management data, etc).
Try to investigate LDAP's groupOfNames object type that you can use for grouping. On Wed, Apr 8, 2009 at 9:20 AM, Jerome Macaranas <jerom...@gmail.com> wrote: > hi, > > I'm testing linux user authentication using ldap including sudo... but > ldap itself is a monster.. :( i was wondering if anyone can give me a > suggestion in building the directory information tree. > > I need to give access on users based on their job? sample below: > > dn: dc=test,dc=com > dn: cn=Manager,dc=test,dc=com > dn: ou=Servers,dc=test,dc=com > dn: ou=dbadmin,ou=Servers,dc=test,dc=com > dn: ou=netadmin,ou=Servers,dc=test,dc=com > dn: ou=devadmin,ou=Servers,dc=test,dc=com > dn: ou=appadmin,ou=Servers,dc=test,dc=com > dn: cn=Juan delaCruz,ou=dbadmin,ou=Servers,dc=test,dc=com > dn: cn=Juan Tamad,ou=dbadmin,ou=Servers,dc=test,dc=com > > Is this this optmized way of implementing it.. > > tia, > jm > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
