[Freeipa-devel] expanding the LDAP tree
Pete Rowley
prowley at redhat.com
Wed Nov 7 21:57:00 UTC 2007
John Dennis wrote:
> Karl MacMillan wrote:
>> On Wed, 2007-11-07 at 16:10 -0500, John Dennis wrote:
>>> I would like to add a new branch to our LDAP tree to store radius
>>> configuration information and I thought I would sanity check where I
>>> expect it belongs and how to add it. Yes/No/Comments welcome.
>>>
>>> I think the appropriate place is just under the suffix in a node
>>> called 'services' then each service can add their name below it and
>>> their data below that. For example:
>>>
>>> dn: cn=radius,cn=services,$SUFFIX
>>> dn: cn=clients,cn=radius,cn=services,$SUFFIX
>>>
>>> Sound reasonable?
>>>
>>
>> I'll let others comment in more detail, but we were already considering
>> a services container to service kerberos entries.
>
> Opps, which just reminded me, I think that should have been:
>
> ou=services,$SUFFIX
>
> and not
>
> cn=services,$SUFFIX
>
no, we are not using ou, we are using cn (and objectclass nsContainer).
Also, I think cn=services should be in cn=etc
--
Pete
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071107/aaee000d/attachment.bin>
More information about the Freeipa-devel
mailing list