[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Restricting acces using host attribute

To: "Francis, Steve (IHG)" <Steve.Francis@ihg.com>, <openldap-technical@openldap.org>
Subject: RE: Restricting acces using host attribute
From: "Francis, Steve (IHG)" <Steve.Francis@ihg.com>
Date: Mon, 19 Apr 2010 14:41:08 -0400
Content-class: urn:content-classes:message
In-reply-to: <C595E25CD30F3F4192918C5DFE51625975C200@HNATLD1SVREXG09.Amer.Corp.Local>
References: <C595E25CD30F3F4192918C5DFE51625975C200@HNATLD1SVREXG09.Amer.Corp.Local>
Thread-index: Acrf6kt5TZT/ZtE7RvCwi2c2McUXewABXFnw
Thread-topic: Restricting acces using host attribute

I believe I have resolved the issue. I found a "valid schema" to add a "hostObject" to my ldap server, then added that objectclass to a user and viola host attribute available.

Steve Francis

Technical Advisor - zSeries, zLinux, z/OS

IHG

Alpharetta Data Center

Ph: 770-442-7157

Cell: 770-906-3122

IM: francisihg

From: openldap-technical-bounces+steve.francis=ihg.com@OpenLDAP.org [mailto:openldap-technical-bounces+steve.francis=ihg.com@OpenLDAP.org] On Behalf Of Francis, Steve (IHG)
Sent: Monday, April 19, 2010 2:01 PM
To: openldap-technical@openldap.org
Subject: Restricting acces using host attribute

Greetings, I have a Ldap server up and running, all is well. However, I would like to start restricing access to hosts using the host attribute, which if I'm correct is part of the account objectClass. This is a SLES 10.3 system. The id that I migrated from /etc/passwd had the host attribute, but all other id's created later via the YAST gui interface, do not. I believe this is because they are using inetOrgPerson, instead of account. Is there some way of adding the host attribute to newly added users?