[Kolab-devel] Ldap DN, from cn=..,dc=.. to mail=..,dc=..?
Thomas Arendsen Hein
thomas at intevation.de
Mon Jul 31 16:03:08 CEST 2006
* Bernhard Reiter <bernhard at intevation.de> [20060731 15:54]:
> Am Montag, 31. Juli 2006 12:25 schrieb Jorgen Hermanrud Fjeld:
> > The current ldap structure uses cn=..,dc=.. to name users, since each dn
> > must be distinct, every cn must also be distinct. In large installations
> > it is quite likely that two users have the same name, however entirely
> > unlikely that they have the same email address.
> > Would it not be better to use mail=..,dc=.. as a dn?
>
> Yes, I believe this would be better.
Another problem that would be solved by this would be that every
account needs a first name and last name.
> Patches are welcome, because they help with coming versions,
> As Kolab Server 2.1 is in late beta, we would not add such a feature at this
> point. We want to keep 2.x stable regarding the ldap approach, because
> otherwise many assumptions in supporting or connected systems
> will break.
>
> This is my opinion, maybe Martin, Steffen or others also like to comment.
If the change can be done in a way so existing installations don't
break, I'd like to have it as soon as possible.
Maybe using whatever is in LDAP right now: If DNs are made from
primary email address, add new users in the same way, otherwise fall
back to the old scheme.
Or a config or bootstrap option or something like that.
Regards,
Thomas
--
Email: thomas at intevation.de
http://intevation.de/~thomas/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1334 bytes
Desc: not available
URL: <http://lists.kolab.org/pipermail/devel/attachments/20060731/32df2b45/attachment.p7s>
More information about the devel
mailing list