Re: schema for NSS LDAP with not all accounts active
On Fri, Mar 30, 2001 at 11:54:37PM +0300, Sami Haahtinen wrote:
> i'm currently implementing filter attribute for pam_ldap, which would allow you
> to add a custom filter for your pam module (filter=(service=telnet) would be
> quite effective..
I was going to implement LDAP for someone but they seem to have lost
interest and they are just doing nothing depsite having 2 x flakey Red
Hat 4.x machines at the core of their network (one does authentication
the other one does dialins).
But if they do go LDAP or if I am setting up something simular for
someone else then I would be looking at something like that. But I'm
just curious how that would handle having multiple services. Would it
just be a matter of having them deliminated with a comma or something?
Or would it be better to have an attribute for each service like