On Wednesday, 10 August 2011 10:11:17 pradyumna dash wrote:
I have a query, lets take a scenario :
Assume we have 2 servers "Server1" and "Server2" and 2 groups
"ITTech", What is needed is like say when a user "bob" logging
in to "Server1" he will get the group "Admin", but when he logs in
"Server2" he will get group "ITTech". Also it may vary for different
like when "Kris" logs in to Server1 he may get a group called
when he logs in to "Server2" he will get some other group say
Can it be possible by OpenLDAP ?
IMHO, this is a bad idea. It will specifically be problematic if you have any
files shared/replicated/backed up between servers (e.g. via NFS).
If this is achieved then we are planning
to have SUDO files based on the grooups.
It would be much more effective to have your sudo rules in LDAP, and apply a
rule to a set of users/groups to a collection/netgroup of hosts.