I am new to openldap. I am trying to restrict groups of users to groups hosts on centos machines. Netgroups or pam_access seem to get me part of the way there. However I do not want to touch the clients very much and would like them to have a uniform configuration. I would like ldap to hold the host groups, user groups and acl's for them. Is there a way do this? Thank You for any help you can provide. Martin