[Date Prev][Date Next]
RE: allow or deny certain user access to certain hosts
On Sat, 18 Jun 2011 22:13 -0700, "Hai Tao" <email@example.com> wrote:
> Yes, I tried to add a host attribute, but I got object class violation
> error. Any idea?
> Hai Tao
Did you ever resolve this? You don't mention which OS you are using,
but in standard RH5 you can do try this.
1. Install nss_ldap
2. copy /usr/share/doc/nss_ldap-253/ldapns.schema
This will provide the hostObject objectClass
3. In slapd.conf
4. In a users ldap record add
5. In the users ldap record add
6. Modify the hosts ldap.conf file:
Doing this from memory, but I think that should be enough to get what
you want to work on a RH5 system. RH6 uses some different files on the
host. BTW, you can also use the account objectClass to provide the host
attribute, but my guess is that it will most likely conflict with
another structural object class.