[Date Prev][Date Next]
Re: host attribute can't be added in OpenLDAP 2.1.x
>Thanks a lot for your help. Now everything worked. But I have one more
>question, have you tried to add host attribute to a group so that host
>access control can also be done based on a group?
It won't work. But if you want to controll access to a host based upon a
group (more maintainable in my book anyway) then put a filter in your PAM
>>Well, assuming you want to use the host attr from the cosine schema, a
>>reasonable attempt might be:
>>objectclass ( my.unique.and.legally.obtained.oid.space.220.127.116.11.1
>> NAME 'personOfAccount'
>> DESC 'inetOrgPerson with accounts on systems'
>> SUP inetOrgperson
>> MAY ( host ) )
>>As you can see, the syntax is rather straightforward. The admin guide
>>covers this in far greater detail.