[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Virtual Domains & LDAP

Hey guys,

    I'm fairly new to the LDAP game. I've read the list archives a bit, and
    found a lot of good info. One thing that is still eluding me is the the
    directory structure itself.

    I am trying to set up LDAP as my backend for several services: SMTP
    (Postfix), IMAP/POP (Cyrus + pw_check patch), FTP (ProFTPd + mod_ldap), and
    HTTP (Apache + PHP + LDAP + mod_auth_ldap).  I obviously would like to host
    more than one domain <g>.  (I know this could be accomplished with ISPMan,
    but I'm trying to learn how to use the technology itself).

    What would be the best structure for this?

    I was thinking something like:

    o = my_organization -- domain1
                        -- domain2
                        -- domainN
                        -- Admins -- LDAP Admin
                        -- Users

    I figured lumping all the users together would make it easier for searches,
    since there would only be one base.

    However, I was also thinking of something like this:

    o = my_organization -- domain1 -- Users
                        -- domain2 -- Users
                        -- domainN -- Users
                        -- Admins -- LDAP Admin

    With this system, I figured each domain could be within its own namespace,
    and I like this approach better, due to the more natural organization of
    things.  However, being split up like that, I would think searches would be
    agonizingly slow.

    Anyone out there do something similar?  Please share any insight
    (structures, sample LDIF, config files, etc.)  Thanks a lot.

Reply to: