=== Services ===
The sub tree '''ou=services,ou=administration,dc=stoney-cloud,dc=org''' contains all the service users. Each service and/or application has its own authentication user. The authentication user is used in the [[HTTP Basic authentication against OpenLDAP directory|OpenLDAP Directory Access Control Lists]] (ACLs) to allow or restrict access to the data.
Naming Convention '''Notification Useruser''':
* <SERVICE>-notification
** backup-notification
** cloud-notification
** lbaas-notification
** mail-notification
** storage-notification
Naming Convention '''Service Useruser''':
* <SERVICE>-<DAEMON>
** backup-pam-ldap
** cloud-openstack
** crm-suitecrm
** billing-cyclops
** cm-puppetboard ('''c'''onfiguration '''m'''anagement - Puppetboard Service)
** dms-alfresco ('''d'''ocument '''m'''anagement '''s'''ystem - Alfresco)
** iac-terraform ('''i'''nfrastructure '''a'''s '''c'''ode - Terraform)
** <s>lbaas-haproxy</s>
** <s>lbaas-pam-ldap</s>
** monitoring-zabbix
** phabricator
** pm-kanboard
** qos-rally
** storage-nextcloud
** storage-pam_ldap
** timetimetracking-kimai** vault-cryptopus (A vault is a place where secrets are stored - in other words a password management system)
** vcs-gitlab ('''v'''ersion '''c'''ontrol '''s'''ystem - GitLab Service)
** virtualization-sc-brokerd
** wiki-int
Naming Convention '''API user''':* <SERVICE>-api** lbaas-api Naming Convention '''Provisioning Useruser''':
* prov-<SERVICE>-<TYPE>
** prov-backup-kvm
** prov-cloud-openstack
** prov-configuration-management-puppet
** <s>prov-lbaas-haproxy</s>
** prov-mail-ox ('''O'''pen-'''X'''change)
** prov-monitoring-zabbix
| <center>'''Existence'''</center>
| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
|-
| <center>MAY</center>
| <center>x</center>
| The organisation name of the reseller. For example: '''Reseller Ltd.''' . A reseller must be a company (<code>sstIsCompany: TRUE</code>), in case of a person '''Surname, givenName''' (<code>sstIsCompany: FALSE</code>) or in case of a brand a freely choosable string like '''Super Dooper Web Hosting''' (<code>sstIsCompany: FALSE</code>).
|-
| <center>'''Mandatory'''</center>
| '''Interface Equivalent'''
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
|-
| <center>'''Existence'''</center>
| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
|-