[Date Prev][Date Next]
Re: Multiple Search Paths
Cory Petkovsek wrote:
On Thu, Oct 02, 2003 at 09:02:59AM -0400, Tibbetts, Ric wrote:I looked at using "sub" for the search scope, and it does work. But it
opens a door I don't want.
This is probably a quick & simple one.
I need to set up multiple search paths for user accounts.
I have several departments in my DIT that could contain department only
accounts, as well as a general user base. So for any given user (within
a domain), I need to do two searches (for login authentication).
My main user base is in (for example):
With department specific accounts in:
I did something like:
Then in my libnss-ldap.conf I have:
?sub being the operative key word. I can authenticate against ou=people
My tree looks like:
| | |
dc=eng dc=dev dc=test
I keep the base users in ou=People,dc=ldap-test,dc=com
And then project specific accounts in (for example)
But I don't want "everyone" to have access to them.
So if a box is in the dev area, they would not see the users for the eng
This is trivial on Solaris. In the profile, just do something like:
I thought Linux would have an equivelant to that. It's exactly what I
need, but I can't find an equiv.