User Tools

Site Tools


simple_db

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
simple_db [2010/03/22 01:49]
admin
simple_db [2010/03/22 01:49] (current)
admin
Line 1: Line 1:
 +====== Simple DB ======
  
 +===== Reference =====
 +
 +The following default entries are created when a Simple DB (LDAP) database is created. Entries under ou=Super User branch are not available for reading or modifications.
 +
 +  dn: o=domain.com
 +  objectClass:​ top
 +  objectClass:​ organization
 +  o: domain.com
 +  ​
 +  dn: ou=People,​o=domain.com
 +  ou: People
 +  objectClass:​ organizationalUnit
 +  objectClass:​ top
 +  ​
 +  dn: ou=Super Users,​o=domain.com
 +  ou: Super Users
 +  objectClass:​ organizationalUnit
 +  objectClass:​ top
 +  ​
 +  dn: cn=Read,​ou=Super Users,​domain.com
 +  member: uid=admin, ou=people, o=domain.com
 +  member: cn=Read User, ou=Super Users, o=domain.com
 +  cn: Read
 +  objectClass:​ groupOfNames
 +  objectClass:​ top
 +  ​
 +  dn: cn=Suffix Manager,​ou=Super Users,​o=domain.com
 +  givenName: Suffix
 +  objectClass:​ person
 +  objectClass:​ organizationalPerson
 +  objectClass:​ inetOrgPerson
 +  objectClass:​ top
 +  cn: Suffix Manager
 +  sn: Manager
 +  ​
 +  dn: cn=Read User,​ou=Super Users,​o=domain.com
 +  givenName: Read
 +  objectClass:​ person
 +  objectClass:​ organizationalPerson
 +  objectClass:​ inetOrgPerson
 +  objectClass:​ top
 +  cn: Read User
 +  sn: User
 +  ​
 +  dn: uid=admin,​ou=People,​o=domain.com
 +  givenName: Admin
 +  objectClass:​ person
 +  objectClass:​ organizationalPerson
 +  objectClass:​ inetOrgPerson
 +  objectClass:​ posixAccount
 +  objectClass:​ top
 +  uid: admin
 +  cn: Admin
 +  loginShell: /​usr/​bin/​bash
 +  sn: Account
 +  gecos: Admin Account
 +  homeDirectory:​ /home/admin
 +  uidNumber: 1000
 +  gidNumber: 10
 +  preferredLanguage:​ en
 +  ​
 +  dn: uid=guest,​ou=People,​o=domain.com
 +  givenName: Guest
 +  objectClass:​ person
 +  objectClass:​ organizationalPerson
 +  objectClass:​ inetOrgPerson
 +  objectClass:​ posixAccount
 +  objectClass:​ top
 +  uid: guest
 +  cn: Guest
 +  loginShell: /​usr/​bin/​bash
 +  sn: Account
 +  gecos: Guest Account
 +  homeDirectory:​ /home/guest
 +  uidNumber: 1001
 +  gidNumber: 10
 +  preferredLanguage:​ en
 +
 +
 +The root suffix in the above example is: o=example.com. Three user accounts that are created. Each have their own passwords. These are described below.
 +
 +  * **uid=guest,​ou=People,​o=domain.com** has specific privileges to allow lookup of user entries one level below the ou=People branch. This user has access to read the following attributes.
 +    * objectClass
 +    * uid
 +    * cn
 +    * mail
 +
 +  * **uid=admin,​ou=People,​o=domain.com** user has read access to the entire suffix.
 +  * **cn=Suffix Manager,​ou=Super Users,​o=domain.com** can be used to write data into the database. ​
 +
 +Users that are created below ou=People have write access to everything below their own Bind DN (when logged in as themselves) with the exception of the **uid** attribute. This specific attribute can't be deleted or modified explicitly for entries directly below the ou=People branch.
simple_db.txt ยท Last modified: 2010/03/22 01:49 by admin