Red Hat DIRECTORY SERVER 8.1 - DEPLOYMENT Deployment Manual page 148

Hide thumbs Also See for DIRECTORY SERVER 8.1 - DEPLOYMENT:

Command reference manual (372 pages)

Configuration and command reference (292 pages)

Reference (228 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

page of 164

/ 164
Contents
Table of Contents
Bookmarks

Table of Contents

Chapter 9. Directory Design Examples

The examplePerson object class allows one attribute, the exampleID attribute. This attribute

contains the special employee number assigned to each Example Corp. employee.

In the future, Example Corp. can add new attributes to the examplePerson object class as needed.

9.1.3. Local Enterprise Directory Tree Design

Based on the data and schema design described in the preceding sections, Example Corp. creates

the following directory tree:

• The root of the directory tree is Example Corp.'s Internet domain name: dc=example, dc=com.

• The directory tree has four branch points: ou=people, ou=groups, ou=roles, and

ou=resources.

• All of Example Corp.'s people entries are created under the ou=people branch.

The people entries are all members of the person, organizationalPerson, inetOrgPerson,

and examplePerson object classes. The uid attribute uniquely identifies each entry's DN. For

example, Example Corp. contains entries for Babs Jensen (uid=bjensen) and Emily Stanton

(uid=estanton).

• They create three roles, one for each department in Example Corp.: sales, marketing, and

accounting.

Each person entry contains a role attribute which identifies the department to which the person

belongs. Example Corp. can now create ACIs based on these roles.

For more information about roles, see

• They create two group branches under the ou=groups branch.

The first group, cn=administrators, contains entries for the directory administrators, who

manage the directory contents.

The second group, cn=messaging admin, contains entries for the mail administrators, who

manage mail accounts. This group corresponds to the administrators group used by the messaging

server. Example Corp. ensures that the group it configures for the messaging server is different from

the group it creates for Directory Server.

• They create two branches under the ou=resources branch, one for conference rooms

(ou=conference rooms) and one for offices (ou=offices).

• They create a class of service (CoS) that provides values for the mailquota attribute depending on

whether an entry belongs to the administrative group.

This CoS gives administrators a mail quota of 100GB while ordinary Example Corp. employees

have a mail quota of 5GB.

Section 4.3.3, "About Class of Service"

See

The following diagram illustrates the directory tree resulting from the design steps listed above:

138

Section 4.3.1, "About

Roles".

for more information about class of service.

Table of Contents

Red Hat DIRECTORY SERVER 8.1 - DEPLOYMENT Deployment Manual page 148

Related Manuals for Red Hat DIRECTORY SERVER 8.1 - DEPLOYMENT

Related Products for Red Hat DIRECTORY SERVER 8.1 - DEPLOYMENT

Table of Contents