Samba, OX, Squid, etc.. with LDAP backend
Etienne Goyer
etienne.goyer at outlands.ca
Mon May 28 14:28:09 UTC 2007
ml at bortal.de wrote:
> After checking out the LDAP Directory tree i was wondering what the
> Organisation Units "DSA" and "ldmap" are good for?
Don't know about ou=DSA, but ou=idmap would be used to keep consistent
id map across several winbind instance (IIRC, I have not done the
Samba/LDAP dance in a while). If you are not using winbind, and I am
fairly certain you are not, you do not need to worry about that.
> I also had a look at Collax PDC and they even have an additional
> PosixGroup. Their tree looks like this:
> dc=example,dc=com
> + ou=ABook
> + ou=groups
> + ou=Infrastructure
> + ou=people
> + ou=posixgroups
> + sambaDomainName=MyDomain
>
> Any idea why they have "groups" and "posixgroups"?
No idea, but I think that is fairly brain-dead. IMHO, it is best to
have a DIT that is as flat as possible, given replication and
application constraints. There is no point in sorting posixGroup and
other groups in different OU; if you need just the posixGroups, use an
an appropriate filter in your search instead of insisting on a different
search base. But that's just me, opinions differ on the subject.
--
Etienne Goyer 0x3106BCC2
"For Bruce Schneier, SHA-1 is merely a compression algorithm."
http://geekz.co.uk/schneierfacts/fact/164
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20070528/ed553bc6/attachment.pgp>
More information about the ubuntu-server
mailing list