(Apologies if I've got the terminology wrong, I'm fairly new to LDAP)
I am setting up a local LDAP server (Apache Directory Server) with the following structure:
o={my organization name} [objectClass=organization]
    ou=groups [objectClass=organizationalUnit]
        cn=someGroup [objectClass=groupOfUniqueNames]
        cn=otherGroup [objectClass=groupOfUniqueNames]
        ...
    ou=users [objectClass=organizationalUnit]
        cn=user1 [objectClass=inetOrgPerson]
        cn=user2 [objectClass=inetOrgPerson]
        cn=user3 [objectClass=inetOrgPerson]
        ...
I also set up some basic authorization according to the manual.
Everything works great.
Now I have an issue. I have another server running Atlassian Crowd that needs access to this LDAP, and I would like to give that service its own LDAP authorization entry, to partition access rights. But it's not a user, it's a service.
What objectClass is used for service identities?
(And as a newbie to LDAP, how do you find out that groupOfUniqueNames is used for groups and inetOrgPerson is used for user entries? That seems to be the norm.)