On Thu, 2002-11-21 at 16:37, Dan Melomedman wrote: [snip] > At leaset these need to be prefixed: uid, mail, homeDirectory.
Uhhh... no way :-) The thing I like most about LDAP is that I can use it for every service I provide, including mail, ftp, radius, or any other kind of service requiring auth and possibly storage. I _do_ want to use the same login attribute (uid) for all services, and I do want to share the same homeDirectory, and cn, and userPassword, etc... Now, I have profiles like dn: uid=something,ou=rest,of,dn objectClass: ftpUser objectClass: qmailUser objectClass: posixUser cn: Some Thing sn: Thing uid: something uidNumber: 6666 gidNumber: 6666 userPassword: somethingelse homeDirectory: /home/users/something mailMessageStore: ./mail/Maildir/ ftpDocumentStore: ./web/docs [etc, etc, etc] Prefixing stuff, I'd have: dn: uid=something,ou=rest,of,dn objectClass: ftpUser objectClass: qmailUser objectClass: posixUser cn: Some Thing sn: Thing qldapUid: something ftpUid: something dialUid: something qmailUidNumber: 6666 qmailgidNumber: 6666 ftpUidNumber: 6666 qmailGidNumber: 6666 qldapHomeDirectory: /home/users/something/mail/Maildir/ ftpHomeDirectory: /home/users/something/web/docs/ [etc, etc, etc] Somehow, I prefer sharing attributes :-) . -- Ricardo Cerqueira "ASCII stupid question, get a stupid ANSI"
