On Sat, 18 Jun 2011 22:13 -0700, "Hai Tao" taoh666@hotmail.com wrote:
Yes, I tried to add a host attribute, but I got object class violation error. Any idea?
Thanks.
Hai Tao
Did you ever resolve this? You don't mention which OS you are using, but in standard RH5 you can do try this.
1. Install nss_ldap 2. copy /usr/share/doc/nss_ldap-253/ldapns.schema /etc/openldap/schema/ldapns.schema This will provide the hostObject objectClass 3. In slapd.conf include /etc/openldap/schema/ldapns.schema 4. In a users ldap record add objectClass: hostObject 5. In the users ldap record add host: hostname 6. Modify the hosts ldap.conf file: pam_check_host_attr yes
Doing this from memory, but I think that should be enough to get what you want to work on a RH5 system. RH6 uses some different files on the host. BTW, you can also use the account objectClass to provide the host attribute, but my guess is that it will most likely conflict with another structural object class.