Two Tiered DIT Hierarchy with Shared Organizations
807574Aug 21 2006 — edited Feb 11 2020I'm trying to migrate a legacy schema 1 DIT to schema 2. In the old DA we had it set up with separate admin accounts for billing and support.
ou=people,o=billing,o=corp.palooza.com,dc=palooza,dc=com
ou=people,o=support,o=corp.palooza.com,dc=palooza,dc=com
Both organizations, billing and support, share the corp.palooza.com mail domain. Each would have a separate orgaizational admin.
In the DA Guide, it appears the way to share the same mail domain is to create shared organizations via sunOrgType: shared. But it seems to also imply that to do that we would need to implement SPAs. The DIT structure for doing that seems more complicated than we would like if we were to use the da.provider.skeleton.ldif to create the SPAs.
What we would like to do is use a two tiered hierarchy as shown in the example in the 2005q4 DA Guide, but instead of full orgs as in the example (pg 28), use shared orgs via "sunOrgType: shared" attribute.
Is this allowed?
Is there a good example with the needed objecclasses and attrs?
Thanks for any guidance offered!