I use OpenLDAP as an authentication server for a small LAN (as proof-of-concept before migrating larger networks), and it's working perfectly for me with one somewhat-minor exception. My user database consists of a bunch of posixAccount entries, and each user's login shell is determined by the 'loginShell' attribute. Unfortunately, not all shells are present on all machines, and sometimes the same shells have different pathnames of different hosts. For example, FreeBSD installs bash at /usr/local/bin/bash by default, whereas it's usually (always?) at /bin/bash on Linux hosts. Some users want to use zsh, but can accept bash on machines where zsh isn't installed. My question, then, is whether there's any way to re-write the loginShell attribute on a per-host basis, with rules like: FreeBSD server? Translate: /bin/bash => /usr/local/bin/bash Linux without zsh? Translate: /bin/zsh => /bin/bash and so on. Yes, I know that one solution is to install every possible shell into identical paths on each server, but that's just not a good option for any number of reasons. Can I do this? If so, is there a common name for this that I can search for so that I can read up on it without pestering the list? Many thanks, -- Kirk Strauser In Googlis non est, ergo non est.
Description: PGP signature