[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP Host access best practices

Title: LDAP Host access best practices
I am fairly new to LDAP in general, so please excuse any syntax errors.  I have a radius proxy which will query an LDAP data store to determine if a user has access to a host.  I want to reuse the concept of how users are defined:

Ou=users -> defines all users
Ou=groups -> defines all groups
Ou=groups,cn=groupname -> links the users to the group

With hosts.  My problem is that I cannot find any specific formal definition on how this is done (in terms of what each subtree’s objectClass should be).  Has anyone done this, or can point me in the right direction?

All the user/groups based stuff is based on posixGroup, which im pretty sure is unix/linux concept – can this be used for what I am trying to do with hosts?

Basic architecutre:
Ou=hosts -> defines a host
Ou=hostGroups -> defines a group name (organizationlUnit?)
Ou=hostGroups,cn=hostGroupName -> this will link what hosts are in the group

Thanks for any help.