I have many Windows 2003/Linux servers and an OpenLDAP server as the auth server. I want to set up an ACL in the OpenLDAP server, so that maybe user A is allowed to log in to the windows-1 server and the Linux-1 server, and user B is allowed to log in to the windows-2 server and the Linux-2 server. How do I set this up in the OpenLDAP server?
The question is not how to set up LDAP, but how to set up your Windows and Linux servers.
For example, in nss_ldap.conf (Unix) I use:
nss_base_passwd ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th?one?csimAccountPermission=samba
And in smb.conf (Samba):
[ well I can't find it right now ]
So basically I am using one LDAP attribute that I created, "csimAccountPermission", that lists the various machines/applications that one user can access.
But that really depends on what you want to authenticate; not all applications support adding an LDAP filter.
Olivier
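
As an added illustration (not part of the original posts), the sketch below shows how a per-host nss_base_passwd value of the form base?scope?filter decides which accounts a machine can see at all. The directory entries, the values linux-1 and linux-2, and the helper names are constructed assumptions; only the base DN, the attribute name and the samba value come from the post.

```python
# Added example: constructed entries, not data from the original post.
BASE = "ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th"
ENTRIES = [  # (dn, attributes); csimAccountPermission is multi-valued
    ("uid=usera," + BASE, {"uid": ["usera"], "csimAccountPermission": ["samba", "linux-1"]}),
    ("uid=userb," + BASE, {"uid": ["userb"], "csimAccountPermission": ["linux-2"]}),
    ("uid=userc,ou=Staff," + BASE, {"uid": ["userc"], "csimAccountPermission": ["samba"]}),
    ("uid=userd," + BASE, {"uid": ["userd"]}),  # no permission attribute at all
]

def parse_descriptor(value):
    """Split an nss_base_* value into (base, scope, filter)."""
    parts = value.split("?", 2)
    base = parts[0]
    # Assumption: an omitted scope falls back to a subtree search.
    scope = parts[1] if len(parts) > 1 and parts[1] else "sub"
    flt = parts[2] if len(parts) > 2 and parts[2] else None
    return base, scope, flt

def in_scope(dn, base, scope):
    """Simplified DN scope test (does not handle escaped commas in RDNs)."""
    dn, base = dn.lower(), base.lower()
    if scope == "base":
        return dn == base
    if not dn.endswith("," + base):
        return scope == "sub" and dn == base
    rdns = dn[: -len(base) - 1]
    # "one" means direct children only: exactly one RDN above the base.
    return scope == "sub" or "," not in rdns

def matches(attrs, flt):
    """Evaluate a single attr=value equality test, case-insensitively."""
    if flt is None:
        return True
    if any(c in flt for c in "()*&|!"):
        raise ValueError("only a single attr=value test is handled here")
    name, _, wanted = flt.partition("=")
    values = next((v for k, v in attrs.items() if k.lower() == name.lower()), [])
    return wanted.lower() in (v.lower() for v in values)

def visible_users(descriptor, entries=ENTRIES):
    """Return the uids a host configured with this descriptor would see."""
    base, scope, flt = parse_descriptor(descriptor)
    return [a["uid"][0] for dn, a in entries
            if in_scope(dn, base, scope) and matches(a, flt)]

if __name__ == "__main__":
    for value in ("samba", "linux-1", "linux-2"):
        print(value, visible_users(BASE + "?one?csimAccountPermission=" + value))
```

The filter is applied by each client host, so the restriction only holds on machines whose own configuration carries it; the directory itself still returns every entry to a client that searches without the filter.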