[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP Replacement for NIS
>I just use one big branch for all users, but I think that you can tweak
>the pam settings in /etc/ldap.conf to limit searchs to a particular DN.
>This might come close to what you're looking for. That way you could
>restrict searchs to say, ou=admins, or something.
That's one option. Or you could use the pam_filter attribute to restrict
access to users with a particular attribute; or pam_groupdn to enforce
membership of a group; or checking the "host" attribute for access
control.
-- Luke
PS. Please use the pamldap@padl.com list for discussing pam_ldap.
PPS. nss_ldap doesn't support netgroups in LDAP, but our LDAP/NIS
gateway does.
--
Luke Howard | lukehoward.com
PADL Software | www.padl.com