\subsection{LDAP}

\begin{frame}
  \frametitle{LDAP architecture}

  \begin{itemize}
  \item All user-specific information is stored in LDAP records
  \item \texttt{scripts-ldap-1} through \texttt{scripts-ldap-3} run LDAP daemons with multi-master replication
  \item Each realserver runs a read-only local caching LDAP daemon
  \end{itemize}
\end{frame}

\begin{frame}
  \frametitle{LDAP data}

  \begin{itemize}
  \item Each user has a \texttt{scriptsAccount} and at least one
    \texttt{scriptsVhost}
  \item Users can request additional virtual hosts using ``pony''
  \item scriptsAccount is consulted by Postfix for mail routing (so accounts can be blocked)
  \item scriptsVhost is consulted by a cron job for SSL certificates
  \end{itemize}
\end{frame}