[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Back-links?? I think that is what they are called.

To: Skinny Puppy <skin_pup-openldap-software@happypoo.com>
Subject: Re: Back-links?? I think that is what they are called.
From: adam@morrison-ind.com
Date: Wed, 31 Jul 2002 13:03:49 -0400
Cc: openldap-software@OpenLDAP.org
In-reply-to: <20020730222214.GF32754@shitbomb.com>
References: <20020730222214.GF32754@shitbomb.com>
User-agent: Internet Messaging Program (IMP) 3.0

>I have been reading and playing around for sometime with LDAP, and I think
>I have a good handle on the basics now.  But I have kinda got stuck with a
>groups issue.  
>I am using LDAP for Authenacations.  We are also attempting to get a very
>fine gain control of who is able to log in and to what hosts.  This is a
>fairly large enviroment 200 - 500 Misc UNIX servers.  I tryed to use the
>ACL logic of:
group/groupOfUniqueNames/uniqueNames="cn=mailadmin,ou=Groups,ou=People,dc=happypoo,dc=com
> In pam_ldaps pam_filter. This of course does not work.  

Niether OpenLDAP NOR pam ldap (AFAIK) support this.  But something very similai
can be accomplished with pam_ldap + pam_listfile

ftp://kazoolug.org/pub/pdf/pam_and_nss.pdf

References:
- Back-links?? I think that is what they are called.
  - From: Skinny Puppy <skin_pup-openldap-software@happypoo.com>

Prev by Date: Re: question about how to enforce directory tree structure
Next by Date: Re: newbie problem
Index(es):
- Chronological
- Thread