Antw: Re: Help: LDAP using alias to reference value of another attribute
>> Michael Ströder<michael(a)stroeder.com> schrieb am
10.04.2015 um 22:47 in
Nachricht <552836EC.3020402(a)stroeder.com>:
Poul Etto wrote:
> Thank you for answers...
>
> Michael: We didn't know about it... We need such a structure as each of
our
> employees has an account but does not always have access to all
our
> services (and there really are many), so we prefered spliting everything
in
> different OUs.
You should use group entries for authorization. I'm also using
slapo-memberof
which automatically adds back link attribute 'memberOf' to group member
entries. This gives you best flexibility with most LDAP enabled
applications.
So if you use that approach, can you enable specific groups for saslauthd per
application (configuration file)? That sounds interesting, but I don't know how
to do it.
Regards,
Ulrich