[Date Prev][Date Next]
Re: Remapping user info per-system?
We used attribute mapping to use different shells on different hosts
This is a subset of the data for each account in ldap
shells is a custom objectclass (from our own schema) which allows us to
add on various other shells (namely muddlab, backend, pinex, public)
which are also defined in our schema.
On Sun machines (5.9)
and add |
then anyone logging onto that host will get the public shell
|nss_map_attribute loginShell pinex
and anyone logging onto that host will get pinex.
We found this worked well for our needs.
I know this response doesn't have much to do with openLdap,
but I thought if someone was searching the archive it would be
easiest if they could read the reply instead of re-asking.
I think you can control the mapping of LDAP attribute entities to different
host items in the nss_ldap configuration file. It'll probably be something
along the lines of "nss_map_attribute" and you should be able to use separate
shell specifications on a host-specific basis.
On HP-UX, mapping of LDAP attributes to rfc2307 items is actually done from
within the LDAP database itself, but on linux/BSD I'm pretty sure it's in
nss_ldap's configuration file... so, as others have requested, you ought to
take this question to the nss_ldap list where I am sure the answer would be
useful to others.
Don't forget to get your own OID if you need to set up some custom schema for