[Date Prev][Date Next] [Chronological] [Thread] [Top]

Not sure which attribute I should use..!

To: <openldap-software@OpenLDAP.org>
Subject: Not sure which attribute I should use..!
From: "Eric Parusel" <lists@globalrelay.net>
Date: Wed, 2 May 2001 11:02:03 -0700

Hi there,

    I'm trying to accomplish something with mod_ldap, a plugin for
proftpd....
In the documentation, the author suggests using the allowedServices
attribute to check whether or not a user should have access to a
particular service. (see below)

==================

For example, to replicate basic allowedServices checking, pass this
LDAP
  search filter to LDAPDoAuth:
  (&(uid=%u)(|(allowedServices=*FTP*)(!(allowedService=*))))

  To emulate deniedServices checking, use this search filter:
  (&(uid=%u)(!(deniedServices=*FTP*)))

  To emulate *both* allowedServices and deniedServices checking, use
this
  filter:

(&(uid=%u)(|(allowedServices=*FTP*)(!(allowedService=*)))(!(deniedServ
ices=*FTP*)))

==================


Unfortunately, allowedServices is not a standard attribute in OpenLDAP
2.0.7, and I'd like to find an attribute that would fit for this usage
in the standard schemas that come with OpenLDAP, or in an additional
standard schema file that I can download....

In other words, I'd prefer not to have to create my own objectClass,
seeing as I'm a relative newbie to the world of LDAP, and would like
to keep things standard....  No sense creating an attribute if a
similar one already exists!

Thanks in advance,

Eric Parusel
Systems Administrator

Prev by Date: announce: howto for solaris+LDAP+TLS
Next by Date: ldapsearch with multiple databases
Index(es):
- Chronological
- Thread