Best Practices

  1. Naming conventions
    1. DNS names
    2. Personal accounts
    3. Tool/service accounts
    4. Host entries
    5. User group names
    6. Service group names
  2. Security considerations
    1. Using tool/service accounts (aeService)

Naming conventions

DNS names

Recommendations:

In general Æ-DIR's access control does not care about DNS names at all. But still it's good practice to choose well-formed DNS names for Æ-DIR servers possibly following conventions similar like these:

Personal accounts

Tool/service accounts

Host entries

User group names

Service group names

Security considerations

Using tool/service accounts (aeService)

Some general recommendations if you really cannot avoid using tool/service accounts acting as clients: