From: sajuptpm on
I want to create an LDAP database for my company with the following
settings.

- Only the LDAP users who belong to my company can search and view
  LDAP entries.
- I want to protect the LDAP users who belong to my company.
- One LDAP user can't search and view others' details.
- Only allow LDAP users to authenticate with their username and
  password.
- I need an LDAP administrator for my company. Only he can add and
  delete users from LDAP.

For these, how do I configure /etc/openldap/slapd.conf?



I need to add group and role information to the LDAP directory. Can I use
existing attributes like 'ou' for these, or do I need to add a new attribute?


Here is the LDAP entry I configured.

dn: uid=user6,dc=localhost,dc=localdomain
objectclass: top
objectclass: person
objectclass: inetorgperson
ou: [('userGroup111','userr'),('adminGroup','admin'),('Server111','operator')]
cn: user6
sn: My company
uid: user6
userPassword: 123456


ou: [('userGroup111','userr'),('adminGroup','admin'),('Server111','operator')]
<----- newly added group and role pair. Is it the correct way?

Is there any other way to do it?
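
One way to express the access rules listed in the post as slapd.conf ACLs, added here as an illustration and not part of the original post. The suffix is taken from the posted entry; the administrator DN cn=admin,dc=localhost,dc=localdomain is an assumption.

```conf
# /etc/openldap/slapd.conf (database section) -- added example.
# Assumption: cn=admin,dc=localhost,dc=localdomain is a hypothetical
# administrator entry; replace it with the real administrator DN.
# Note: the database rootdn always bypasses these rules.

# Password attribute:
#   - administrator may set or reset it
#   - the owner may change it
#   - unauthenticated clients may only use it to bind (auth), never read it
#   - everyone else gets nothing
access to attrs=userPassword
    by dn.exact="cn=admin,dc=localhost,dc=localdomain" write
    by self write
    by anonymous auth
    by * none

# Everything else under the suffix:
#   - administrator has write access (add, modify, delete entries)
#   - a bound user may read only their own entry
#   - unauthenticated clients get auth only, which is what a bind needs
#     and discloses no attribute values
#   - other users cannot search or read the entry
access to dn.subtree="dc=localhost,dc=localdomain"
    by dn.exact="cn=admin,dc=localhost,dc=localdomain" write
    by self read
    by anonymous auth
    by * none
```

slapd evaluates the `access to` clauses in order and stops at the first one that matches the target, so the userPassword rule must stay above the subtree rule. With these rules a user reads their own entry by using its DN as the search base.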