[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: host attribute can't be added in OpenLDAP 2.1.x

To: Simon Gao <sgao@sci.utah.edu>
Subject: Re: host attribute can't be added in OpenLDAP 2.1.x
From: Adam Williams <awilliam@whitemice.org>
Date: Fri, 3 Jan 2003 14:14:00 -0500 (EST)
Cc: Matthew J Backes <lucca@csun.edu>, <openldap-software@OpenLDAP.org>
In-reply-to: <3E15D3E4.7060501@sci.utah.edu>

>Thanks a lot for your help. Now everything worked. But I have one more 
>question, have you tried to add host attribute to a group so that host 
>access control can also be done based on a group?

It won't work.  But if you want to controll access to a host based upon a 
group (more maintainable in my book anyway) then put a filter in your PAM 
configuration.

>>Well, assuming you want to use the host attr from the cosine schema, a
>>reasonable attempt might be:
>>objectclass ( my.unique.and.legally.obtained.oid.space.1.2.1.3.1
>>        NAME 'personOfAccount'
>>        DESC 'inetOrgPerson with accounts on systems'
>>        SUP inetOrgperson
>>        STRUCTURAL
>>        MAY ( host ) )
>>
>>As you can see, the syntax is rather straightforward.  The admin guide
>>covers this in far greater detail.

References:
- Re: host attribute can't be added in OpenLDAP 2.1.x
  - From: Simon Gao <sgao@sci.utah.edu>

Prev by Date: Re: Regex access problem in slapd.conf
Next by Date: Update on performance issues with Openldap 2.1.x and Solaris 8
Index(es):
- Chronological
- Thread