[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using "overlay dynlist" with Ubuntu Karmic 9.10 LDAP server using slapd.d (not slapd.conf) ?



Hi Shamika,

there are some examples in the faq-o-meter how to use dynlists. Take a look here.

Here is a example of my config to do this:

cat /etc/ldap/slapd.d/cn=config/olcDatabase={1}hdb/olcOverlay\=\{0\}dynlist.ldif
dn: olcOverlay={0}dynlist
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
objectClass: olcDynamicList
olcOverlay: {0}dynlist
olcDlAttrSet: {0}posixGroup labeledURI memberUid:uid

dn: cn=users,ou=People,ou=Groups,dc=example,dc=com
structuralObjectClass: posixGroup
objectClass: posixGroup
objectClass: labeledURIObject
objectClass: top
memberUid: username1
memberUid: username2
memberUid: username3
memberUid: username4
memberUid: username5
cn: users
gidNumber: 1100
labeledURI: ldap:///ou=Users,dc=example,dc=com?uid?sub?(objectClass=posixAccount)

if you have username1 to 5 in ou=Users,dc=example,dc=com with uid's like this and the objectClass posixAccount.

Maybe you can modify that to your needs.

Bye,

On Thu, Apr 1, 2010 at 15:19, Shamika Joshi <shamika.joshi@gmail.com> wrote:
Hi
The desired implementation is to control user logins on different lab machines based on the project groups.
Scenario: Bob is part of project group 'mars' & John is part of 'venus' then I have added lab machines x1-x3 to group 'mars' & y1-y3 to group venus. Now I want John to only access machines allocated for project 'mars' i.e x1 to x3 & John to access machines allocated for 'venus' i.e y1 to y3

I went through this link learned that it can be achieved using "overlay dynlist". Please correct me if I've got it wrong.
However my lab server is Ubuntu 9.10 (karmic koala) and it is using slapd.d (not slapd.conf)
So now if I want to attempt to use "overlay dynlist" how should I go about it? Has anyone done this before? Any help will be appreciated.

Thanks
Shamika



--
To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To be is to do -- Sartre | Do be do be do -- Sinatra