[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
[Fwd: Re: Using LDAP for authentication]
- To: openldap-software <openldap-software@OpenLDAP.org>
- Subject: [Fwd: Re: Using LDAP for authentication]
- From: Jim C <jcllings@tsunamicomm.net>
- Date: Wed, 04 Sep 2002 14:22:32 -0700
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:0.9.4.1) Gecko/20020508 Netscape6/6.2.3
-------- Original Message --------
Subject: Re: Using LDAP for authentication
Date: Wed, 04 Sep 2002 14:00:20 -0700
From: Jim C <jcllings@tsunamicomm.net>
To: "Derek J. Balling" <dredd@megacity.org>
References: <23EB6510-C027-11D6-A0A7-00039384A830@megacity.org>
> Perhaps this isn't the right forum (I couldn't connect to the archives
> to peruse them first). If not, my apologies and if someone could point
> me to the right spot, I'd appreciate it.
>
> I want to authenticate a bunch of machines against the LDAP server.
> That's easy. :-)
>
> What's more interesting are:
>
> 1.) Can I set it up so that a given uid is only valid on certain hosts?
Yes. There are provisions for this in at least one FAQ I know of.
> 2.) Can I set it up so that a given uid might have, say, /bin/bash as a
> shell on host1, and /bin/false as a shell on host2?
mmmm it might be done but I am not sure how. It would help to have a
solid understanding of how the DBMS for an object orientated database
functions and I am lacking in this as yet.
> 3.) Similarly, can I set up different homedirs? (on our production
> environment users have shared home directories depending on what they
> do, billing, order-entry, etc.)
You could manage this through the creation of different shares.
For example:
export:
/home/production/$userdir/
and:
/home/billing/$userdir/
Then just change the attribute for directory to match. Reccomend GQ for
this.