[Fedora-directory-users] Authentication and access rights
Richard Megginson
rmeggins at redhat.com
Wed Nov 29 15:06:55 UTC 2006
SigurĂ°ur Bjarnason wrote:
>
> Hi all
>
> I am new to Fedora Directory Server, I have manage to set it up all
> right but I have one simple question as such.. J
>
> Before I will put a lot of effort into setting it up for my production
> env I would like to know atleast one thing…. When I manage to connect
> client
>
It depends - what is the client? If the client is an OS, Fedora DS uses
the standard posix objectclasses and attributes.
>
> to the directory server will I be able to control the users access to
> client thought the directory on file level?
>
> That is if for some reason I would not allow the user to access or
> read certain files or folders on the client could that be controlled
> in the Directory ?
>
You can't control this through the directory server unless the client
can already model the file/folder relationships through the directory
server. Usually clients don't do this unless you are using some sort of
policy engine like SiteMinder, and even that won't work for OS
file/folder permissions. That is normally used for web site URL access.
Usually ldap+os integration means that you still set file/folder
ownership and permissions using the familiar chown and chmod commands,
but the actual uid/gid information is looked up in ldap rather than from
/etc/passwd and /etc/groups.
>
> Regards
>
> Siggi
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20061129/9f11df92/attachment.bin>
More information about the 389-users
mailing list