Hi Petter, hi Andi, Am Dienstag, 15. Februar 2011, 11:18:25 schrieb Petter Reinholdtsen: > > I cannot imagine that using ou=group or ou=groups makes any > > difference for storing our possix groups, but from what I have seen, > > it looks as if using ou=groups is more common and the linguistic > > correct form. > > How do you determine that ou=groups is more common? All other ous are in plural form, only the ou=group looks misspelled... (and I no about that old RFC which did the original misspelling...). > At the University of Oslo, cn=filegroups and cn=netgroups are used. > The former represent the cn=group subtree in Skolelinux. In > db.debian.org, file groups are stored in the ou=users subtree. Those > where the LDAP instances I had easily available. Anyone else have > other data points? > I only have LDAP trees available that I set up by myself. I always dropped ou=group and replaced it by ou=groups as it seems more plausible to use plural. > > What do you think? > > I believe we should leave it unchanged unless we have a good reason to > change it. Anyway, GOsa has its own way of structuring LDAP (that's why GOsa in Skolelinux requires an LDAP-migration tool that is customized for the old lwat-based LDAP-DIT. My suggestion is to handle LDAP-stuff like GOsa proposes it. LDAP DIT has to be changed for GOsa anyway (part of the discussion in Zweibrücken), thus I recommend using the standard GOsa way (where the department ous are optional and should not be configured with standard Skolelinux, also part of the discussion in the Distro). dc=<base-dn> | |--ou=<department-1> | | | |--ou=people | | | |--ou=groups | | | `--ou=systems | |--ou=<department-2> | | | |--ou=people | | | |--ou=groups | | | `--ou=systems |--ou=<department-3> | | | |--ou=people | | | |--ou=groups | | | `--ou=systems | |--ou=people | |--ou=groups | `--ou=systems One suggestion also was to disable the department-ous in GOsa for standard Skolelinux distribution and document how to re-enable it in case you want to setup a bigger site than a normal school. Andi proposed to setup ,,deparment-ous'' for students and teachers already as a default Skolelinux setup (as currently provided in Debian Edu). I also like this idea, but maybe for non-LDAP-gurus this might already be too much. However, GOsa has a fine way of presenting the ou-structure in the GUI... Sorry for running a little off-topic... Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0x1943CA5B mail: m.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
Attachment:
signature.asc
Description: This is a digitally signed message part.