On Fri, Dec 17, 2010 at 2:36 AM, Zico <[email protected]> wrote: > On Thu, Dec 16, 2010 at 11:00 PM, Arun Khan <[email protected]> wrote: > >> >> >> (a) How many user entries in your Directory Server? >> > > Well I don't have a directory server outside of Crowd which is only > currently used for JIRA.
Please avoid such info - 'cause it is meaningless. What is Crowd and JIRA? More useful info would have been: this server will be visible on the Intranet and/or Internet facing .... > I have about 5 or so users for the email systems > and most other systems have 2 users - root/admin and 'zico' as a > non-priviledged account. I may have contractors coming and going for certain > jobs and I would like to be able to add and remove permissions as needed > from one place. Whatever you do, avoid populating individual system's "root" users data in LDAP. Besides, 'root' user I also define a local user e.g. sysadmin that is not present in the LDAP Directory. In other words all "admin" users are defined in the systems' local db. > > > (b) How many systems (*nix/Mac OS X) will bind with your LDAP server? >> > > In terms of physical machines 2 or 3, in terms of services the ones I listed > > >> (c) How many MS systems (MS Domain) will bind with your LDAP server? >> > > None > > >> >> These are some of the questions you need to answer to engineer your >> LDAP server(s). >> >> To distribute the connections, I would suggest configure multiple LDAP >> servers (running on guest OS in Virtual Machines) with >> replication/sync between them. >> > > I appreciate the need for redundancy but I'm a bit short of RAM on the office > machine at the moment, > > Okay, if I set up a clean new VM inside the office network and > access to it is that the best way to proceed? Given your scenario, you could start your VM with as low as 64MB and achieve your objective. As for LDAP administration, there are several clients - LAM (php based, Apache DS client (needs JRE). BTW, I am assuming you have a DNS server for the domain you plan to implement in the LDAP server. I hope the above is enough to get you going. Good luck. -- Arun Khan _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
