[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Not sure which attribute I should use..!
Hi there,
I'm trying to accomplish something with mod_ldap, a plugin for
proftpd....
In the documentation, the author suggests using the allowedServices
attribute to check whether or not a user should have access to a
particular service. (see below)
==================
For example, to replicate basic allowedServices checking, pass this
LDAP
search filter to LDAPDoAuth:
(&(uid=%u)(|(allowedServices=*FTP*)(!(allowedService=*))))
To emulate deniedServices checking, use this search filter:
(&(uid=%u)(!(deniedServices=*FTP*)))
To emulate *both* allowedServices and deniedServices checking, use
this
filter:
(&(uid=%u)(|(allowedServices=*FTP*)(!(allowedService=*)))(!(deniedServ
ices=*FTP*)))
==================
Unfortunately, allowedServices is not a standard attribute in OpenLDAP
2.0.7, and I'd like to find an attribute that would fit for this usage
in the standard schemas that come with OpenLDAP, or in an additional
standard schema file that I can download....
In other words, I'd prefer not to have to create my own objectClass,
seeing as I'm a relative newbie to the world of LDAP, and would like
to keep things standard.... No sense creating an attribute if a
similar one already exists!
Thanks in advance,
Eric Parusel
Systems Administrator