[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap linking attributes support

To: Andy <theands@gmail.com>
Subject: Re: openldap linking attributes support
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 13 May 2008 10:32:29 +0200
Cc: openldap-software@openldap.org
In-reply-to: <52796b1e0805112308l5a05175due181b1a2ddb4516c@mail.gmail.com>
References: <52796b1e0805112308l5a05175due181b1a2ddb4516c@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.13) Gecko/20080313 SeaMonkey/1.1.9

Andy wrote:

Currently I have a ldap directory with several branches.
--Root
----ou=Samba accounts
----ou=Website accounts
----ou=VPN accounts
----ou=Email accounts
and so on. Every object has a userPassword field which means that if a user changes his password under one of the systems (eg. websites), the password will not change on the others. Ultimately I would like to syncronise all the passwords between all the systems.

If all these user sets are almost the same my question is why did you put them in several branches? You should rather have ou=Users and put users in Samba/Website/VPN/Email groups or given them additional attributes to filter them.

Is there anyway I can link the attribute userPassword attribute within samba schema, emailaccounts schema so on to the simple security object that resides in the ou=password.


Nope.

BTW: Samba passwords are different attributes anyway.

Ciao, Michael.

References:
- openldap linking attributes support
  - From: Andy <theands@gmail.com>

Prev by Date: OpenLDAP as proxy for another LDAP-Server [Virus checked]
Next by Date: Re: slapo-rwm and rewriteRules
Index(es):
- Chronological
- Thread