What exactly does that mean in your context?
In my set up when I provide access to a user, he gets access to all the servers managed by our ldap which is not at all what we would like to give.
So, this way I am trying to further enforce which user would have access to what . I will write few scripts to automate the process.
Is there a better approach to this.
You can do that but why? Which LDAP client does expect the hosts to be in
e.g. a space separated list. The only issue I see here is when i do a "ldapseacrch -x" it would run into many lines . Was trying to just limit that.
~Rakesh
On Wed, Mar 4, 2015 at 4:00 AM, Michael Ströder michael@stroeder.com wrote:
Rakesh Rajasekharan wrote:
I am trying to set up a host based authentication.
What exactly does that mean in your context?
For that ,am modifying the host attribute of existing users through an ldif file as below
dn: uid=sam,ou=People,dc=example,dc=com changetype: modify add: objectClass objectClass: hostObject
Using 'hostObject' for human users does not sound like a good choice.
Object class 'account' has "MAY host" in its object class description.
add: host host: abc host: xyz
Is there a way I can put the lidt of hosts in a single line something like this
host: xyz abc
You can do that but why? Which LDAP client does expect the hosts to be in e.g. a space separated list.
Ciao, Michael.