The ASF LDAP system
Posted on: 2010-02-22 22:17:39+00:00
When we decided some time ago to start using LDAP for auth{n,z} we had to come up with a sane structure. This is what we have thus far:
dc=apache,dc=org
| ou=people,dc=apache,dc=org
| ou=groups,dc=apache,dc=org
| ou=people,ou=groups,dc=apache,dc=org
| ou=committees,ou=groups,dc=apache,dc=org
As well as other OUs that contain infrastructure related objects.
So with "dc=apache,dc=org" being our basedn, we decided we needed to keep the structure as simple as possible and placed the following objects in the respective OUs:
- User accounts - "ou=groups,dc=apache,dc=org"
- POSIX groups - "ou=groups,dc=apache,dc=org"
- User Groups - "ou=people,ou=groups,dc=apache,dc=org"
- PMC/Committee groups - "ou=committees,ou=groups,dc=apache,dc=org"
Copyright 2024, The Apache Software Foundation, Licensed under the Apache License, Version 2.0.
Apache® and the Apache feather logo are trademarks of The Apache Software Foundation.