Virtual Domains & LDAP
Hey guys,
I'm fairly new to the LDAP game. I've read the list archives a bit, and
found a lot of good info. One thing that is still eluding me is the the
directory structure itself.
I am trying to set up LDAP as my backend for several services: SMTP
(Postfix), IMAP/POP (Cyrus + pw_check patch), FTP (ProFTPd + mod_ldap), and
HTTP (Apache + PHP + LDAP + mod_auth_ldap). I obviously would like to host
more than one domain <g>. (I know this could be accomplished with ISPMan,
but I'm trying to learn how to use the technology itself).
What would be the best structure for this?
I was thinking something like:
o = my_organization -- domain1
-- domain2
-- domainN
-- Admins -- LDAP Admin
-- Users
I figured lumping all the users together would make it easier for searches,
since there would only be one base.
However, I was also thinking of something like this:
o = my_organization -- domain1 -- Users
-- domain2 -- Users
-- domainN -- Users
-- Admins -- LDAP Admin
With this system, I figured each domain could be within its own namespace,
and I like this approach better, due to the more natural organization of
things. However, being split up like that, I would think searches would be
agonizingly slow.
Anyone out there do something similar? Please share any insight
(structures, sample LDIF, config files, etc.) Thanks a lot.
--
Kevin
Reply to: