On 7/19/06, Cleber P. de Souza <cleberps@gmail.com> wrote:
Hi list.

Maybe this could be off-topic but here I think many have used OpenLDAP
to unify yours authentication needs, allowing an unique username and
password for all the corporate applications.
My doubt is, which rules do you use to split all the user levels so
that one user could be allowed to access app A but isn't allowed to
access app B (think this about many apps)?
Have you been using OU's to split user by app and copying them to each
app that them must access? Using posix groups and filtering users by
filters on each app?

As I see it, you should be creating as many OU's as user categories -roughly one per app. Smack each user into as many OUs as needed, then filter on OUs AND on POSIX groups as you see fit.

Thanks by the help.

--
Cleber P. de Souza
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos



--
Eduardo Grosclaude
Universidad Nacional del Comahue
Neuquen, Argentina