[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
LDAP layouts for Heimdal
I am trying to decide what is the best tree layout for a ldap/heimdal
based install. I have noted that heimdal has only the mixed the person
class in as default. I am wondering if it would be smart to add more
objectclasses - inetorgperson, etc. to the entries or put extra entries
of the users in another branch. I think they should be the same ldap
entry, but once a user is added in ldap, its objectclasses can't be
modified. So I either modify heimdal to use the classes I want at
compilation, or put them in another tree. Which makes me think the
standard would be to put the users in two branches.
My biggest problem with compiling in added objectclasses is Samba needs
a SID assigned on creation.
So I ask - What was heimdal/ldap originally designed to do - separate or
single entries and why?