Susan wrote:
Yes, but it is not LDAP standard and not portable. account is a structural objectclass - that means you are not supposed to add it to an entry that already has a structural objectclass. See the NOTE under Old Method - http://directory.fedora.redhat.com/wiki/Howto:PosixFor host-based access control, the new method says to do the following: New Method There is already an AUXILIARY objectclass provided with the pam/nss ldap distribution on Linux systems: hostObject. On a RHEL4 system, this is in the schema file /usr/share/doc/nss_ldap-226/ldapns.schema in OpenLDAP format. You can convert to Fedora DS schema format using Howto:OpenLDAPMigration like so: perl ol-schema-migrate.pl /usr/share/doc/nss_ldap-226/ldapns.schema > /opt/fedora-ds/slapd-localhost/config/schema/61ldapns.ldif However, I was able to get that working without the schema conversion, by adding 'account' objectClass and then the host attribute. It works fine and is much simpler, really...
__________________________________________________ Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
