Re: schema for NSS LDAP with not all accounts active
On Sat, 31 Mar 2001, Jeremy Lunn wrote:
> On Fri, Mar 30, 2001 at 11:54:37PM +0300, Sami Haahtinen wrote:
> > i'm currently implementing filter attribute for pam_ldap, which would allow you
> > to add a custom filter for your pam module (filter=(service=telnet) would be
> > quite effective..
>
> Nice.
Indeed
> Or would it be better to have an attribute for each service like
> filter=(telnet=yes)?
No... It looks like Sami is doing a real LDAP filter... *VERY*
powerful - gives you all the flexibility you'll likely need
--
Rick Nelson
<n3tg0d> has /usr/bin/emacs been put into /etc/shells yet? :P
Reply to: