[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unix groups information in LDAP server

On 5/10/19 5:43 PM, JC wrote:
> # someuser, individuals, mydomain.com
> dn: uid=someuser,ou=individuals,dc=mydomain,dc=com
> uid: someuser
> cn: someuser
> objectClass: account
> objectClass: posixAccount
> loginShell: /bin/bash
> uidNumber: 1000
> gidNumber: 100
> homeDirectory: /home/someuser
> 
> When used in conjunction with NSS in a Linux box, this allows me to
> centralize a number of Linux attributes for users - a specific one here
> called 'someuser'. The next thing I would like to do is to store
> information in the LDAP server about other groups that someuser belongs
> to.

You need posixGroup which is available in two flavors.

Before you dive into this yourself one question:
Do you want to design all this yourself to learn stuff in depth or do
you want to get something going real soon?

If the latter there are some ready-to-use solutions out there based on
OpenLDAP. Being the author of https://ae-dir.com I'm biased of course.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature