
Namespace layout [was: pam_ldap questions]



Hi all,

I think I asked my question the wrong way.

I have a certain namespace-design in mind for which I thought I could use
the "pam_groupdn" option in the /etc/ldap.conf, 
to enable login for only members of a machine-unique group. 
Unfortunately it turns out that this option does something else (which is
why I was looking for some docs about these options).

Just for the record here is what I want to do:
* have a separate branch in the directory tree for people, where all the
accounts live (e.g. ou=People,o=domain.com)
* have another branch for configuration info of the hosts (e.g.
ou=Config,o=domain.com)
* within this branch have different machine-unique groups with people's names
in them (e.g. cn=server1.domain.com,ou=PAM,ou=Config,o=domain.com)
This way if a user needs access to a machine, just add his/her name to the
machine group.

How do the ldap.wizards :-) do this?

Thanks again,
Gabor
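
The layout described in the message above, modelled as an added example that is not part of the original post: an in-memory directory and the per-host access decision it implies. The group object class (`groupOfUniqueNames` with `uniqueMember` holding full DNs), the sample entries and the function names are assumptions made for illustration.

```python
# Added example: in-memory model of the layout from the post (constructed data).
BASE = "o=domain.com"
PEOPLE = "ou=People," + BASE
HOST_GROUPS = "ou=PAM,ou=Config," + BASE

def norm_dn(dn):
    """Simplified DN normalisation: lowercase, trim spaces around each RDN.
    Assumption: no escaped commas or multi-valued RDNs in these DNs."""
    parts = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        parts.append(attr.strip().lower() + "=" + value.strip().lower())
    return ",".join(parts)

# Constructed sample directory: DN -> attributes.
DIRECTORY = {
    "uid=gabor," + PEOPLE: {"objectClass": ["posixAccount"]},
    "uid=alice," + PEOPLE: {"objectClass": ["posixAccount"]},
    "cn=server1.domain.com," + HOST_GROUPS: {
        "objectClass": ["groupOfUniqueNames"],
        "uniqueMember": ["uid=gabor,ou=People,o=domain.com"],
    },
    "cn=server2.domain.com," + HOST_GROUPS: {
        "objectClass": ["groupOfUniqueNames"],
        # Different case/spacing, plus a member that is not under ou=People.
        "uniqueMember": ["UID=Alice, OU=People, O=domain.com",
                         "uid=mallory,ou=Other,o=domain.com"],
    },
}
INDEX = {norm_dn(dn): attrs for dn, attrs in DIRECTORY.items()}

def may_login(uid, hostname):
    """Allow only if the account exists under ou=People and its DN is a
    member of the group named after the host. Anything missing denies."""
    # Refuse names that could change the DN structure when interpolated.
    if not uid or not hostname or any(c in uid + hostname for c in ',=+\\"<>;'):
        return False
    user_dn = norm_dn("uid=%s,%s" % (uid, PEOPLE))
    group = INDEX.get(norm_dn("cn=%s,%s" % (hostname, HOST_GROUPS)))
    if user_dn not in INDEX or group is None:
        return False  # unknown account or host without a group: fail closed
    members = {norm_dn(m) for m in group.get("uniqueMember", [])}
    return user_dn in members
```

A host with no group entry denies everyone, so forgetting to create the group for a new machine fails closed rather than open.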