Powerful Directory Management Tool

[theands]

Hello everyone,

I was wondering if what I am about to ask is possible, I have spent hours researching it and still looking for a solution.

Currently I have a ldap directory with several branches.

--Root
----ou=Samba accounts
----ou=Website accounts
----ou=VPN accounts
----ou=Email accounts


and so on.
Every account has a userPassword field which means that if a user changes his password under one of the systems (eg. websites), the password will not change on the others.Which will mean inconsistent passwords between the different services and in turn more tedious support work. Ultimately I would like to syncronise all the passwords between all the systems.

Is there anyway of adding a new OU called ou=passwords. Within the ou passwords I will have a simple-security-object which will contain the username+password.

Is there anyway I can link the attribute userPassword attribute within samba schema, emailaccounts schema so on to the simple security object that resides in the ou=password.

Is this possible?

[enewman]

Why are you doing it this way? Is there any reason for users to have multiple accounts - one per service. I would have thought a single OU for user accounts and managing access through groups kight give a more flexible solution.

[theands]

I found that a OU for each account was to messy. I know the rule is "keep your tree as flat as possible" But I did not like it at all, looked really messy.