[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Multiple Search Paths
On Thu, Oct 02, 2003 at 09:02:59AM -0400, Tibbetts, Ric wrote:
> All;
> This is probably a quick & simple one.
> I need to set up multiple search paths for user accounts.
> I have several departments in my DIT that could contain department only
> accounts, as well as a general user base. So for any given user (within
> a domain), I need to do two searches (for login authentication).
>
> My main user base is in (for example):
>
> ou=People,dc=ldap-test,dc=com
>
> With department specific accounts in:
>
> ou=People,dc=eng,dc=mlb,dc=ldap-test,dc=com
I did something like:
ou=people,dc=petersen-arne,dc=com
ou=reps,ou=people,dc=petersen-arne,dc=com
ou=misc,ou=people,dc=petersen-arne,dc=com
Then in my libnss-ldap.conf I have:
base ou=People,dc=petersen-arne,dc=com
nss_base_passwd ou=People,dc=petersen-arne,dc=com?sub
nss_base_shadow ou=People,dc=petersen-arne,dc=com?sub
nss_base_group ou=Group,dc=petersen-arne,dc=com?one
?sub being the operative key word. I can authenticate against ou=people
and ou=*,ou=people.
Cory
--
Cory Petkovsek Adapting Information
Adaptable IT Consulting Technology to your
(541) 914-8417 business
cory@AdaptableIT.com www.AdaptableIT.com