On Wed, Apr 8, 2009 at 11:20 AM, Jerome Macaranas <[email protected]> wrote: > hi, > > I'm testing linux user authentication using ldap including sudo... but > ldap itself is a monster.. :( i was wondering if anyone can give me a > suggestion in building the directory information tree. > > I need to give access on users based on their job? sample below: > > dn: dc=test,dc=com I suggest to have,
users group: ou=People,dc=test,dc=com cn=Jose Gonzalez,ou=People,dc=test,dc=com cn=Juan Tamad,ou=People,dc=test,dc=com ... groups of People ou=Groups,dc=test,dc=com cn=dbadmin,ou=Groups,dc=test,dc=com member: cn=Jose,Gonzalez,ou=People,dc=test,dc=com cn=netadmin,ou=Groups,dc=test,dc=com member: cn=Juan Tamad,ou=People,dc=test,dc=com Then construct ACL access based on membership to groups. > dn: cn=Manager,dc=test,dc=com > dn: ou=Servers,dc=test,dc=com > dn: ou=dbadmin,ou=Servers,dc=test,dc=com > dn: ou=netadmin,ou=Servers,dc=test,dc=com > dn: ou=devadmin,ou=Servers,dc=test,dc=com > dn: ou=appadmin,ou=Servers,dc=test,dc=com > dn: cn=Juan delaCruz,ou=dbadmin,ou=Servers,dc=test,dc=com > dn: cn=Juan Tamad,ou=dbadmin,ou=Servers,dc=test,dc=com > > Is this this optmized way of implementing it.. > > tia, > jm > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
