I've been searching through both the openldap, and this mailing list for any reference to defining server-side ACLs to allow/restrict access to certain computers, or groups of computers based on the group that the user is associated with. One reference I found was this: http://www.openldap.org/lists/openldap-software/200408/msg00280.html But there are no responses to this query. Neither the OReilly, or the "Understanding and Deploying Ldap Directory Services" books I have make any solid mention of this either, and online searching has uncovered little, at best. Does anyone have any ideas if this is even possible, and if it is, are there any references I can use as a template to begin implementation and testing of this? Thanks for any help you can offer.
