[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: schema for NSS LDAP with not all accounts active



On Sat, 31 Mar 2001, Jeremy Lunn wrote:

> On Fri, Mar 30, 2001 at 11:54:37PM +0300, Sami Haahtinen wrote:
> > i'm currently implementing filter attribute for pam_ldap, which would allow you
> > to add a custom filter for your pam module (filter=(service=telnet) would be
> > quite effective..
>
> Nice.

Indeed

> Or would it be better to have an attribute for each service like
> filter=(telnet=yes)?

No... It looks like Sami is doing a real LDAP filter...  *VERY*
powerful - gives you all the flexibility you'll likely need

-- 
Rick Nelson
<n3tg0d> has /usr/bin/emacs been put into /etc/shells yet?  :P



Reply to: