How could this ideally be done with OpenLDAP?
2012/2/22 llg <email@example.com <mailto:firstname.lastname@example.org>>
Â Â Â Âpersons should use inetOrgPerson and PosixAccount schemas : gidNumber
Â Âgives primary group.
Â ÂThen define specific branch ou=posix based on PosixGroup schema and add
Â Âthe uid of the person in memberUid multiple values attribute to specify
Â Âsecondary gid.
Â ÂLe 22/02/2012 10:22, Fred van Zwieten a Ãcrit :
Â ÂHi all,
Â ÂFred <http://epsilon.eridani.nl>
Â Âwarning: openldap newbie..
Â Âis it possible to have a person put into an OU and, because of this,
Â Âwill become member of some group in such a way that this group shows up
Â Âin linux using "id". This to implement some form of RBAC. I found
Â ÂGroupofMembers, but that has nothing to do with OU's. Also, it seems
Â ÂposixGroup and groupOfMembers objecttypes are no longer allowed together
Â Âbecause the are both STRUCTURAL.
Â ÂIn AD this is possible.