For host-based access control, the new method says to do the following:
New Method
There is already an AUXILIARY objectclass provided with the pam/nss ldap distribution on
Linux
systems: hostObject. On a RHEL4 system, this is in the schema file
/usr/share/doc/nss_ldap-226/ldapns.schema in OpenLDAP format. You can convert to Fedora DS
schema
format using Howto:OpenLDAPMigration like so:
perl ol-schema-migrate.pl /usr/share/doc/nss_ldap-226/ldapns.schema >
/opt/fedora-ds/slapd-localhost/config/schema/61ldapns.ldif
However, I was able to get that working without the schema conversion, by adding
'account'
objectClass and then the host attribute. It works fine and is much simpler, really...
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com