I'm aware this may not be the best mailing list to discuss something as generalized as best practices for LDAP structuring within OpenLDAP, but would anyone be able to direct me to a mailing list that would be better suited for this kind of conversation?
I'm looking for any or all of these kinds of communications within a mailing list:
- Designing a person, account, group LDAP tree directory that would be scalable and flexible enough to grow to large sizes (millions) and still have a grip on best practices for identity management on an enterprise level. - Specifically for an educational institution if I can share the aches and pains of other directory owners with similar problems. - I also am trying to prove / disprove the use of having a person directory object with multiple child account objects as good or bad architecture and understand why. I've never seen this discussed in practice. - Good and bad ways to relate tree objects with each other. I only know of parent / child tree relationships or more "softly" by using DN's within an attribute like the group-member relationship.
Joshua Riffle Software Engineer *Azusa Pacific University*