I've been searching everywhere for the past week and haven't found a
solution. I would like to be able to assign access to servers based
upon membership to a group or role. For example, if I create a
group/role called "Web Servers", everyone in that group can access all
the web servers. Everyone in the group/role "Database Servers" would be
allowed to log into the database servers. Users can be part of multiple
groups.
There has to be a way to do this already. All the clients are running
OpenLDAP and can already authenticate to the Directory Server. To
implement this solution, would I have to change ldap.conf or
system-auth?
Thanks,
Jason
Show replies by date