[Date Prev][Date Next]
Howto implement RBAC with OU's and posixGroups
- To: email@example.com
- Subject: Howto implement RBAC with OU's and posixGroups
- From: Fred van Zwieten <firstname.lastname@example.org>
- Date: Wed, 22 Feb 2012 10:22:55 +0100
- Authentication-results: mr.google.com; spf=pass (google.com: domain of email@example.com designates 10.50.208.1 as permitted sender) firstname.lastname@example.org; dkim=pass email@example.com
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=/QbrQ2SFay2tyRGQ/5Rj2s6tki26Id/IhlQ+8ZLjVH0=; b=cue5B4+dcKHYLizubFfPYOVGydBXgfU6ytCd8LgWyDwqAOl1O1JMwYBG9VsWAp+o2I Jt0KzqSWcJJ9FWqFZ+A2tSt1Iyq+f4zuTuuyDeTZP1SgQtGehotBaGxYghtfTUHS4OL0 mFvh4OpUNObnlHlS4l8TmvCo1N0A3v56LL5os=
warning: openldap newbie..
is it possible to have a person put into an OU and, because of this, will become member of some group in such a way that this group shows up in linux using "id". This to implement some form of RBAC. I found GroupofMembers, but that has nothing to do with OU's. Also, it seems posixGroup and groupOfMembers objecttypes are no longer allowed together because the are both STRUCTURAL.
In AD this is possible.