Re: Multiple Search Paths

[Cory Petkovsek <cory@adaptableit.com>]

On Thu, Oct 02, 2003 at 09:02:59AM -0400, Tibbetts, Ric wrote:
> All;
> This is probably a quick & simple one.
> I need to set up multiple search paths for user accounts.
> I have several departments in my DIT that could contain department only 
> accounts, as well as a general user base. So for any given user (within 
> a domain), I need to do two searches (for login authentication).
> 
> My main user base is in (for example):
> 
> 	ou=People,dc=ldap-test,dc=com
> 
> With department specific accounts in:
> 
> 	ou=People,dc=eng,dc=mlb,dc=ldap-test,dc=com

I did something like:
ou=people,dc=petersen-arne,dc=com
ou=reps,ou=people,dc=petersen-arne,dc=com
ou=misc,ou=people,dc=petersen-arne,dc=com

Then in my libnss-ldap.conf I have:
base ou=People,dc=petersen-arne,dc=com
nss_base_passwd         ou=People,dc=petersen-arne,dc=com?sub
nss_base_shadow         ou=People,dc=petersen-arne,dc=com?sub
nss_base_group          ou=Group,dc=petersen-arne,dc=com?one

?sub being the operative key word.  I can authenticate against ou=people
and ou=*,ou=people.

Cory


-- 
Cory Petkovsek                                       Adapting Information
Adaptable IT Consulting                                Technology to your   
(541) 914-8417                                                   business
cory@AdaptableIT.com                                  www.AdaptableIT.com