[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Too many default groups in Skolelinux' LDAP schema?

* p.carsten@arcor.de (p.carsten@arcor.de) [040315 15:00]:
> > ? I know that for me jradmin is clear immediately and for jnradmin if have 
> > to stop and think
> If possible jr_admin would seem even more intutive to me.

i am overwhelmed by all the creativity and thought going into
this. i clearly underestimated this issue. (c:

> But I'd have a nother question: Would it make sense to have GID
> and UID Ranges instead of mixing regular groups into the user and private
> group IDs beyond 10000?
> Maybe similar to the expample scheme[1] found on the net.
> OTH it may be perfectly fine to mix them, just a little harder
> to "group the groups" :-)

UID                                    GID
0-500     OS assigned - I don't care   0-500 OS assigned - I don't care
500-600   Set aside for RH screwups    500-600 UPG for RH screwups
600-800   not currently assigned       600-800 UPG for same 
800-900   system admins and "specials" 800-900 UPG for system admins
900-1000  wasted                       900-1000 department special groups
1000-1200 wasted                       1000-1200 normal groups
1200-1300 wasted                       1200-1300 web server groups
1300-2000 wasted                       1300-2000 future groups
2000->    normal users                 2000-> UPG for normal groups

i found this here. what i did not find was a good reasoning for
having ranges for special groups/users like admins vs normal
users etc.

this is exactly what posix groups and ldap is good for: no need
to care about this kind of stuff manually. what this guy writing
this webpage is struggeling with is 1) redhat 2) solaris. (c:

Reply to: