Ok. Here is an interesting problem.
We have purchased one of those remote serial console
access devices, and it "supports" ldap.
On our servers we use search filters to control who
has access to which of our servers... such as
sub?|(gid=55) etc.
BUT, this little thing only supports proving a "base"
and not any filters. If it just has our base then
everyone in our LDAP has access to this device and
want to limit it to just the sysadmin group.
Is there a way to create a virtual view of our
existing LDAP directory with a different base but
behind the scenes is a filtered view of our full LDAP
directory.
I thought I remember seeing something like this was
available. Either as a backend option or something
like that.
Any ideas?