Directory Information Tree Structure

Tree setup#

Below is the DIT (Directory Information Tree) setup that I have found to be the most flexible for large LDAP trees.
			(Root of All Normal Activity)
			(All groups without eDirectory Privileges)
			(All IDM components)
			(All user type accounts without Directory Privileges)
			(All groups and users with elevated Directory Privileges)
			(All Server related Entries)
			(All Applications Administration Would Be done here)
			(Typically groups or elevated privileges needed for App Administration)

More Information#

There might be more information for this subject on one of the following: ...nobody