[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

LDAP layouts for Heimdal

I am trying to decide what is the best tree layout for a ldap/heimdal 
based install.  I have noted that heimdal has only the mixed the person 
class in as default.  I am wondering if it would be smart to add more 
objectclasses - inetorgperson, etc. to the entries or put extra entries 
of the users in another branch.  I think they should be the same ldap 
entry, but once a user is added in ldap, its objectclasses can't be 
modified.  So I either modify heimdal to use the classes I want at 
compilation, or put them in another tree.  Which makes me think the 
standard would be to put the users in two branches.

My biggest problem with compiling in added objectclasses is Samba needs 
a SID assigned on creation.

So I ask - What was heimdal/ldap originally designed to do - separate or 
single entries and why?

Chris Hamilton