Information Technology Reference
In-Depth Information
Designing the IAM Directory
Tip 1
: As mentioned before, your directory should contain only user IDs and
passwords as core data, with a couple of other attributes we will cover in a
moment. You may organise user records under different organisation units
(e.g., “ou=internal, ou=users”), but the user object itself should have no
other attributes, not even the user's name or type (B2B, B2C, etc.) It may
seem unnatural to have such a minimal directory structure, but resist the
temptation to put in anything more, and you will be thankful for this
restraint on many future occasions.
This is a minimal structure for the user node of the directory that will serve
you well:
Fig 37: A minimal directory structure
