Hi everyone
I am completely new to LDAP so I hope my terminology is correct.
I am looking at setting up an LDAP server but I can't find information on how I would like it structured.
All of the information I find is based on a single directory tree: ie. domain.com and then under that you can have your sub domains.
But I would like to be able to have multiple domains. domain1.com, domain2.com. domain1.co.uk, domain1.com.jp and so on.
Is this at all possible using LDAP?
If it is possible could someone please point me to some information on how I can do this. I don't explicitly want the answer given to me as I won't learn anything.
Many thanks in advance for your help and patience.
Regards
Fred
On Sun, 8 Jun 2008, Fred Zinsli wrote:
All of the information I find is based on a single directory tree: ie. domain.com and then under that you can have your sub domains.
Usually it's "dc=domain,dc=com".
But I would like to be able to have multiple domains. domain1.com, domain2.com. domain1.co.uk, domain1.com.jp and so on.
You seem to be confusing domains with suffixes (although a one-to-one mapping is possible).
Is this at all possible using LDAP?
Yep; we run all sorts of non-overlapping suffixes at work.
If it is possible could someone please point me to some information on how I can do this. I don't explicitly want the answer given to me as I won't learn anything.
Ah - someone prepared to learn :-) Simply use multiple "suffix" directives.
On Sunday 08 June 2008 00:32:30 Fred Zinsli wrote:
Hi everyone
I am completely new to LDAP so I hope my terminology is correct.
I am looking at setting up an LDAP server but I can't find information on how I would like it structured.
All of the information I find is based on a single directory tree: ie. domain.com and then under that you can have your sub domains.
There is no rule that states that you *have* to do things like this. It is merely a convention for default setups.
But I would like to be able to have multiple domains. domain1.com, domain2.com. domain1.co.uk, domain1.com.jp and so on.
Is this at all possible using LDAP?
Of course.
But, what are you actually trying to achieve? Does a domain-specific structure actually suit your requirements?
If it is possible could someone please point me to some information on how I can do this. I don't explicitly want the answer given to me as I won't learn anything.
Many thanks in advance for your help and patience.
Well, the first question is, what are your requirements?
For example, we host mailboxes for many domains. However, users could have aliases in more than one domain. Thus, restricting the directory design based on the domain name makes no sense.
Our current structure is something like this:
uid=user@domain,ou=service,cn=virtualisp,o=isp
So, we don't need subordinates, we can place everything in one database - o=isp - (if we so desire), or we can split the database at the virtualisp level (the most logical place to do so), then at the service level (the next most logical place), and finally, all domains served by a specific service in a specific virtualisp need to be searched anyway, so there is no point splitting the tree any further.
Maybe your requirement is similar to mine. Maybe it is totally different. Until you know what your real requirements are, it's a bit difficult to give advice.
Regards, Buchan
openldap-technical@openldap.org