[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: schema for NSS LDAP with not all accounts active



On Fri, Mar 30, 2001 at 08:47:18PM +0200, Piotr Roszatycki wrote:
> > Well, at least that's an solution. However I don't like it too much, to
> > have a whole bunch of config files lying around. If I find the time
> > (imagine the if written in real big letters), I will try to implement this
> > in pam_ldap, where it belongs (IMHO).
> > 
> > Anyway, thanks for this solution, I will incorporate this in my existing
> > configuration as well

i'm currently implementing filter attribute for pam_ldap, which would allow you
to add a custom filter for your pam module (filter=(service=telnet) would be
quite effective..

> Ha, I have the same problem already. My questions:
> 1. Can I have a multiple `uid' attributes in one LDAP record?

yes you can. the schema allows multiple uids, how it works is another thing =)

> 2. Which attribute describes the services available for user?

there is none at the moment.

> BTW, I started a small project on SourceForge,
> http://ldapnstools.sourceforge.net
> 
> It could be interesting for anyone who want easly migrate from /etc/passwd
> to LDAP.

is this something like the MigrationTools from PADL?

-- 
			      -< Sami Haahtinen >-
	    -< 2209 3C53 D0FB 041C F7B1  F908 A9B6 F730 B83D 761C >-

Attachment: pgpdF80Irdr_l.pgp
Description: PGP signature


Reply to: