27 Nov
2013
27 Nov
'13
10:10 a.m.
Viviano, Brad wrote:
Adjusting ACL's seems like overkill for this situation and I have to work within the bounds of what sssd offers.
I'm doing this with sssd and it's definitely not overkill => there's no valid excuse to not learn about ACLs
And it does not only work for applications/clients which support a custom name-your-favourite-vendor-specific-lock-attribute-here. If done right ACLs simply make entries invisible for sssd or *every* application integrated with your LDAP server.
Ciao, Michael.