I agree with the fact that making all user username@domain is the best form of authentication across all platforms. In our case we have several realms we have to authenticate. In our case we are using a set of LDAP server for Radius authentication and a set for mail. I would like to see Qmail LDAP be able to vary the BaseDN based on the realm in which is being used.
In the case of our Radius servers, the user using the standard username@domainname will log in but what our radius server does is choose the part of the LDAP tree based on domain. This makes for a faster lookup and also allows us to have duplicate names in our LDAP server as long as they are in separate trees. Narrows things down by state and then by realm. Very fast on the lookup. I am going to have to get someone to write the ldap lookup for this function because it makes no sense to search the tree for every user when you can narrow it down from the beginning. If anyone has already done this please let me know.
