[CentOS] OpenLDAP rules

Eduardo Grosclaude eduardo.grosclaude at gmail.com
Fri Jul 21 17:17:54 UTC 2006


On 7/19/06, Cleber P. de Souza <cleberps at gmail.com> wrote:
>
> Hi list.
>
> Maybe this could be off-topic but here I think many have used OpenLDAP
> to unify yours authentication needs, allowing an unique username and
> password for all the corporate applications.
> My doubt is, which rules do you use to split all the user levels so
> that one user could be allowed to access app A but isn't allowed to
> access app B (think this about many apps)?
> Have you been using OU's to split user by app and copying them to each
> app that them must access? Using posix groups and filtering users by
> filters on each app?


As I see it, you should be creating as many OU's as user categories -roughly
one per app. Smack each user into as many OUs as needed, then filter on OUs
AND on POSIX groups as you see fit.

Thanks by the help.
>
> --
> Cleber P. de Souza
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
Eduardo Grosclaude
Universidad Nacional del Comahue
Neuquen, Argentina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20060721/8b34c31f/attachment.html>


More information about the CentOS mailing list