[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP Authentication ; allow Logins per Host

To: openldap-software@OpenLDAP.org
Subject: LDAP Authentication ; allow Logins per Host
From: Markus Benning <benning@erlm.siemens.de>
Date: Tue, 11 Sep 2001 14:30:58 +0200
Content-disposition: inline
User-agent: Mutt/1.3.20i

Dear List,

I'm currently implementing OpenLDAP as a authentication Server in
my company.
It provides account informations for linux/sun with pam_ldap.

I have all users,groups and workstations in my ldap tree.
I thinked about adding a objectClass: groupOfUniqueNames to
each of the Workstation. Then i can add all users i want to
have access to this workstation as an uniqueMember.

I thinked about doing this by adding something like this to
my /etc/ldap.conf:
pam_groupdn "cn=workstation1234,ou=machines,o=company"
pam_member_attribute "uniqueMember"

My question is when i change the pam_member_attribute from memberuid
to uniqueMember will this affect my Unix Groups ?
Will pam_ldap/nss_ldap use the "pam_member_attribute" to find the
users in a posixGroup, too ?

-- 
Markus Benning

   .^.
   /V\     Tel. : +49 9131 7 21713
 /(   )\   Email: Markus.Benning@siemens.com
  ^^-^^    __________________________________
             
         Open Source is a philosophy not a price tag!

Prev by Date: slapd -h
Next by Date: Re: dynamic ACLs
Index(es):
- Chronological
- Thread