[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: schema for NSS LDAP with not all accounts active

On Sat, Mar 31, 2001 at 10:24:17PM +0200, Piotr Roszatycki wrote:
> > i'm currently implementing filter attribute for pam_ldap, which would allow
> > you to add a custom filter for your pam module (filter=(service=telnet)
> > would be quite effective..
> Nice, but AFAIR the `service' attribute isn't standard. Did you use a special
> objectClass?

the filter is self defined, and the service filter was just an example, you are
allowed to filter it with anything you like.

> > > 1. Can I have a multiple `uid' attributes in one LDAP record?
> > yes you can. the schema allows multiple uids, how it works is another thing
> It works pretty well. My users can login to FTP server with system uid (i.e.
> `user8367') and easly to remeber uid (i.e. `user@domain.com'). 

this is good to know.. i only knew that you can define multiple uids, i never
tried if they work =)

> > > http://ldapnstools.sourceforge.net
> > is this something like the MigrationTools from PADL?
> Not exactly, because it converts only user database and provides a
> replacement for standard tools from shadow package (useradd, chsh, passwd,
> etc.)

ahh.. this is something that is needed..

			      -< Sami Haahtinen >-
	    -< 2209 3C53 D0FB 041C F7B1  F908 A9B6 F730 B83D 761C >-

Reply to: