Mike Jackson wrote: > > Recording full DNs as attribute values is a nasty practice to establish > relationships,
Can't see why. > and base64 encoding DNs into attribute values is even > nastier ??? Are you talking about LDIF representation? There are LDIF modules handling this easily. > (there are a few popular commercial applications which do this). Name them and describe more precisely what "nasty" things they are doing. > Organizations change their names as they get bought, etc, and they > always seem to want their DIT renamed... Relationships, when required, > should be established by association (in your client), not by DN pointer > (in the directory). This depends on your requirements. Sometimes it's required that your LDAP server keeps track of referential integrity. Usually this is based on DNs. Off course it would be possible to implement a server-side plugin to maintain referential integrity based on user IDs. > UID uniqueness can be guaranteed, if you require, by using a UID > uniquness plugin / overlay in your directory server. Sure. But in another posting you mentioned issues with mergers. Guess what? You will have the same issues with user IDs during a merger. Ciao, Michael. --- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
