LDAP server

murlopaz
Forum Commoner
Posts: 60
Joined: Wed Oct 11, 2006 5:02 pm
Location: Baltimore, MD, USA

Post by murlopaz »

Hi everybody. I am in a pretty delicate situation.
Story:
There is an LDAP server set up for our company that has several branches.
There are some field support people in our branch that don't have an account in AD on the central server.
I thought that it would be a good idea to set up another LDAP server in our branch just to add users that are not in the central AD.

Note: I am not sure if I expressed myself correctly, but any suggestions will be much appreciated. The main problem here is that there are field support people in our company that don't have an account in AD, and it is impossible for them to have one at the moment on the central server.

Thanks a lot!
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

I didn't think that was possible, as the primary purpose of AD/LDAP is to have everything "centralised" so that you don't get separation like that?
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W

Post by pickle »

I've never heard of the 'branch' terminology, but I imagine that means a new context in the LDAP tree?

For example, if your main context (or branch) is o=YourOrg, you want to make a new context ou=NewBranch o=YourOrg, correct?

You can go ahead & give your field people accounts in your new branch, but it might not do a lick of good. If the applications & authentication systems access only o=YourOrg & don't search recursively, then those new accounts will never be found.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
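
The scope behaviour described in the post above, as an added example that is not part of the original thread: a small Python model of LDAP search scopes (base, one-level, subtree) run over a constructed directory. The `uid=alice` and `uid=fieldtech` entries and the function names are assumptions made for illustration; only o=YourOrg and ou=NewBranch come from the post.

```python
# Added example: LDAP search scopes modelled over a constructed tree.
# o=YourOrg and ou=NewBranch come from the post; the uid entries are constructed.

def parse_dn(dn):
    """Split a DN into normalised RDNs, leaf first (escaped commas not handled)."""
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]

def in_scope(entry_dn, base_dn, scope):
    """Return True if entry_dn is covered by a search at base_dn with scope."""
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    # The entry must sit at or below the base: base RDNs form the DN's suffix.
    if len(entry) < len(base) or entry[len(entry) - len(base):] != base:
        return False
    depth = len(entry) - len(base)   # 0 means the base entry itself
    if scope == "base":
        return depth == 0
    if scope == "one":
        return depth == 1            # immediate children only
    if scope == "sub":
        return True                  # base entry and every descendant
    raise ValueError("unknown scope: %r" % scope)

def search(directory, base_dn, scope, uid):
    """Return DNs of in-scope entries whose leaf RDN is uid=<uid>."""
    wanted = "uid=" + uid.lower()
    return [dn for dn in directory
            if in_scope(dn, base_dn, scope) and parse_dn(dn)[0] == wanted]

# Constructed directory: one user directly under the organisation,
# one field-support user inside the new container.
DIRECTORY = [
    "o=YourOrg",
    "uid=alice,o=YourOrg",
    "ou=NewBranch,o=YourOrg",
    "uid=fieldtech,ou=NewBranch,o=YourOrg",
]

if __name__ == "__main__":
    # An application that binds users by searching o=YourOrg sees different
    # results depending on the scope it was configured with.
    for scope in ("one", "sub"):
        for uid in ("alice", "fieldtech"):
            print(scope, uid, search(DIRECTORY, "o=YourOrg", scope, uid))
```

With a one-level search at o=YourOrg the new account is not returned, so an authentication system configured that way would reject the user even though the entry exists.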
murlopaz
Forum Commoner
Posts: 60
Joined: Wed Oct 11, 2006 5:02 pm
Location: Baltimore, MD, USA

Post by murlopaz »

What I meant by branch is: a separate LDAP server.
As I said before, we can't add certain users to the central LDAP, that's why we thought of setting up an LDAP server in our building.
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W

Post by pickle »

I don't think it matters what server the data is stored on, just what context the new data is in.
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

You'd need a separate domain for that too, I'd have thought.

Anyway, I've got minimal experience with it, so have the Linux LDAP HOWTO:

http://www.tldp.org/HOWTO/LDAP-HOWTO/