[Fedora-directory-users] Server-Side ACLs for pam_ldap logins.
Michael Montgomery
mmontgomery at theplanet.com
Tue Jan 3 18:35:00 UTC 2006
Thanks for the response. I'll read up on this, and see if I can get
this working.
On Tue, 2006-01-03 at 11:29 -0700, Richard Megginson wrote:
> Michael Montgomery wrote:
>
> >I do agree that this is closer to what I'm looking for, but the first
> >problem I see is that I wanted to allow Groups of people to login to
> >Groups of servers like:
> >
> >cn=www,ou=Group,dc=example,dc=com is a group of www servers.
> >cn=Unix,ou=Group,dc=example,dc=com is a group of Unix users.
> >
> >So basically, on the people in the Unix group, can login to the www
> >servers, and so forth.
> >
> >
> Right. The host attribute is per user. You could set up a Roles for
> your users, and use Class of Service to automatically add the host
> attribute to the role members.
More information about the Fedora-directory-users
mailing list