Andrew Findlay <andrew.findlay(a)skills-1st.co.uk> wrote:
Do you reall want every user account on every service to have a
different username?
to be honest, I do not want, but in practice when I need to land some
mail domain with whole it's users at my MTA, I need to decide what
to do with widely used mailboxes like admin, info, abuse etc
(i.e. the user cannot request to be known as
'fred' on both the SMTP service and the IMAP service?
technically I do can provide that but it is head ache of course and what
I meant is difference in more "other" protocols like smtp/pop3/imap4 -
xmpp - rdp - ftp - ssh - whatever else
are serving. If the same network address is used to serve all
domains
then you do indeed require the uids to be unique across domains (but
you probably do want to let fred(a)x.y.com use that ID for all
services).
yes, I do
> mmm ... will not it prevent non-uniqueness only for parent DN-s?
while
> what I'm trying to ask (I'm sorry for muddled up explanation what I mean)
> about is - uniqueness for the uid *in* the entry ... so, the uniqueness
> of the attribute `uid' among all DN-s containing
authorizedService=target-service
You could do that if you are prepared to have one config line for each
service. Something like:
overlay unique
unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=SMTP)
unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=IMAP)
unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=POP3)
unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=XMPP)
unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=SSH)
wow, great! since the number of the services I provide is limited, it is
not the problem to set all of them in slapd.conf
thank you much!
and finally, is it OK (strategically) that object person becomes the
branch rather than leaf in such configuration?
--
Zeus V. Panchenko jid:zeus@im.ibs.dn.ua
IT Dpt., I.B.S. LLC GMT+2 (EET)