Can referrals be used to reference a user or group in another branch of the DIT? I am using FDS for authentication, some basic authorization and as a directory. I have my DIT setup with three organizational branches under a single root suffix. Hosts are then setup with a base DN based on the organization they belong to, so very few host's do a search starting at the root suffix. At the moment users are added to the DIT based on their organization and OU within that organization. If I wanted to have a user who is in org A and only org A to be able to gain access to hosts in org B my initial thought was adding them in org B, but this would create maintenance logistical nightmares so my thought was using referrals so that a search by an org B host for a user who is actually in org A would be referred to the user record in org A, but would symbolically be in org B. Would this work, or would it break something, and is this the proper way to use a referral? Is there anyway of doing this on a group basis instead of by single user? Thanks. -- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
