Andrew Findlay andrew.findlay@skills-1st.co.uk wrote:
Do you reall want every user account on every service to have a different username?
to be honest, I do not want, but in practice when I need to land some mail domain with whole it's users at my MTA, I need to decide what to do with widely used mailboxes like admin, info, abuse etc
(i.e. the user cannot request to be known as 'fred' on both the SMTP service and the IMAP service?
technically I do can provide that but it is head ache of course and what I meant is difference in more "other" protocols like smtp/pop3/imap4 - xmpp - rdp - ftp - ssh - whatever else
are serving. If the same network address is used to serve all domains then you do indeed require the uids to be unique across domains (but you probably do want to let fred@x.y.com use that ID for all services).
yes, I do
mmm ... will not it prevent non-uniqueness only for parent DN-s? while what I'm trying to ask (I'm sorry for muddled up explanation what I mean) about is - uniqueness for the uid *in* the entry ... so, the uniqueness of the attribute `uid' among all DN-s containing authorizedService=target-service
You could do that if you are prepared to have one config line for each service. Something like:
overlay unique unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=SMTP) unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=IMAP) unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=POP3) unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=XMPP) unique_uri ldap:///ou=People,dc=org?uid?sub?(authorizedService=SSH)
wow, great! since the number of the services I provide is limited, it is not the problem to set all of them in slapd.conf
thank you much!
and finally, is it OK (strategically) that object person becomes the branch rather than leaf in such configuration?