[Freeipa-devel] expanding the LDAP tree
John Dennis
jdennis at redhat.com
Wed Nov 7 21:10:26 UTC 2007
I would like to add a new branch to our LDAP tree to store radius
configuration information and I thought I would sanity check where I
expect it belongs and how to add it. Yes/No/Comments welcome.
I think the appropriate place is just under the suffix in a node called
'services' then each service can add their name below it and their data
below that. For example:
dn: cn=radius,cn=services,$SUFFIX
dn: cn=clients,cn=radius,cn=services,$SUFFIX
Sound reasonable?
I also presume bootstrap-template.ldif is the place to create these, right?
I also presume we would want to set an Admin Write ACL on
cn=services,$SUFFIX and Read ACS on each of it's children limited to the
service and admin.
--
John Dennis <jdennis at redhat.com>
More information about the Freeipa-devel
mailing list