[Date Prev][Date Next]
Re: LDAP Replacement for NIS
>I just use one big branch for all users, but I think that you can tweak
>the pam settings in /etc/ldap.conf to limit searchs to a particular DN.
>This might come close to what you're looking for. That way you could
>restrict searchs to say, ou=admins, or something.
That's one option. Or you could use the pam_filter attribute to restrict
access to users with a particular attribute; or pam_groupdn to enforce
membership of a group; or checking the "host" attribute for access
PS. Please use the email@example.com list for discussing pam_ldap.
PPS. nss_ldap doesn't support netgroups in LDAP, but our LDAP/NIS
Luke Howard | lukehoward.com
PADL Software | www.padl.com