[Date Prev][Date Next]
LDAP Host access best practices
- To: <email@example.com>
- Subject: LDAP Host access best practices
- From: Mathew Rowley <firstname.lastname@example.org>
- Date: Wed, 07 Jan 2009 12:33:46 -0700
- Thread-index: Aclw/ttMqqdqNbH3GUSKv1tC2YLrBA==
- Thread-topic: LDAP Host access best practices
- User-agent: Microsoft-Entourage/12.10.0.080409
Title: LDAP Host access best practices
I am fairly new to LDAP in general, so please excuse any syntax errors. I have a radius proxy which will query an LDAP data store to determine if a user has access to a host. I want to reuse the concept of how users are defined:
Ou=users -> defines all users
Ou=groups -> defines all groups
Ou=groups,cn=groupname -> links the users to the group
With hosts. My problem is that I cannot find any specific formal definition on how this is done (in terms of what each subtree’s objectClass should be). Has anyone done this, or can point me in the right direction?
All the user/groups based stuff is based on posixGroup, which im pretty sure is unix/linux concept – can this be used for what I am trying to do with hosts?
Ou=hosts -> defines a host
Ou=hostGroups -> defines a group name (organizationlUnit?)
Ou=hostGroups,cn=hostGroupName -> this will link what hosts are in the group
Thanks for any help.