Hello, I’m new on this list. I actually try to configure a LDAP server to manage my identities (and use Kerberos as authentication backend). In my goal, I want to minimize information that need to be set by administrator to create entry. Here is a basic example : dn: uid=yoann,ou=people,dc=example,dc=com objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person objectClass: top objectClass: posixAccount cn: Yoann Gini gidNumber: 20 homeDirectory: /home/users/yoann sn: Gini uid: yoann uidNumber: 2000 givenName: Yoann loginShell: /usr/local/bin/zsh mail: yoann@example.com userPassword: {SASL}yoann@EXAMPLE.COM As you can see, they have many redundant informations… What I looking for is a way to fix some field for posixAccount or *,ou=people,dc=example,dc=com. For example, userPassword should be construct with a static text, a ldap entry and a global variable… {SASL}$uid$#KRB_REALM#. Like the mail : $uid$#domain# If you have any suggestion :-) Yoann |
Attachment:
smime.p7s
Description: S/MIME cryptographic signature