Susan wrote:
For host-based access control, the new method says to do the
following:
New Method
There is already an AUXILIARY objectclass provided with the pam/nss ldap distribution on
Linux
systems: hostObject. On a RHEL4 system, this is in the schema file
/usr/share/doc/nss_ldap-226/ldapns.schema in OpenLDAP format. You can convert to Fedora DS
schema
format using Howto:OpenLDAPMigration like so:
perl ol-schema-migrate.pl /usr/share/doc/nss_ldap-226/ldapns.schema >
/opt/fedora-ds/slapd-localhost/config/schema/61ldapns.ldif
However, I was able to get that working without the schema conversion, by adding
'account'
objectClass and then the host attribute. It works fine and is much simpler, really...
Yes, but it is not LDAP standard and not portable. account is a
structural objectclass - that means you are not supposed to add it to an
entry that already has a structural objectclass. See the NOTE under Old
Method -
http://directory.fedora.redhat.com/wiki/Howto:Posix
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users