userid and multidomain

Bernhard Reiter bernhard at intevation.de
Thu Sep 9 16:32:58 CEST 2004


On Wednesday 08 September 2004 17:53, Jean-Michel Dault wrote:
Bernhard's statement:
> > > Completely separated virtual domain aka multidomain are not supported
> > > with the upcoming Kolab2, because it is difficult to handle this within
> > > the ldap.
>
> The way I handle it, is to get rid of the @domain part for the uid, and
> just use the user. Then create an alias for the user.

We talk about two different multidomain funcationalities here.
What we call multidomain would allow a seperated maintenace
of several companies on one server. For this they must be completely
seperated in LDAP and acls, mailboxes and so on.
Many other people talk about accepting emails for one
user with different domains. (Anybody has a nice name for it,
not being "multidomain"? ;) )

> I don't understand why kolab insists on having user at domain. It means you
> can't use Kolab for pam_ldap, samba, etc.

I think you could use "user at domain" for samba and other authenficiation uses,
too. So as far as I understood it, there was some other problem within the schema.
We should have resolved this for Kolab2 and please let us know when
this isn't the case.

In addition Kolab2 will support a seperate user id that can be different from
the primary email address and can be used for authenficiation (only).
(The primary email address still is used for acl settings 
and event authentification.)

> The only advantage is to be able to have the same user on multiple
> domain, but since Kolab doesn't support virtual domains, it's totally
> useless.

There are other reasons to do this.
First: People can more easily remember it and the email
address supposetly is golbally unique.
This has nice implications for groupware uses.

> Besides, what most ISPs do these days is assign a random user, for
> example b1i8rug6, which gives 36^8 possibilities (enough for every human
> on the planet and their dog) and they let people choose their own e-mail
> and possibly aliases.

In practive there are various problems when people change the primary
email address. And if that is unique anyway, why remembering another login name?
 
Bernhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2145 bytes
Desc: signature
URL: <http://lists.kolab.org/pipermail/users/attachments/20040909/90187ae6/attachment.p7s>


More information about the users mailing list