2009/11/23 Prashanth Sundaram <psundaram@xxxxxxxx>
Even if you can't specify several groups in groupdn you can always change the filter in pam_filter to something like :
(&(objectClass=posixAccount)(|(memberOf=Group1)(memberOf=Group2)))
Of course you need at first to enable the memberOf plug-in...
@+
Thanks Robert. That seems to work well.
But here is my scenario I have a bunch of Groups and not sure if I can specify multiple groupdn's in ldap.conf.
Group1= Developers on Project1 need access to only proj1 servers
Group2= QA on Project1 need access to proj1 servers only
Group3= sysadmins accesss to all servers
Even if you can't specify several groups in groupdn you can always change the filter in pam_filter to something like :
(&(objectClass=posixAccount)(|(memberOf=Group1)(memberOf=Group2)))
Of course you need at first to enable the memberOf plug-in...
@+
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
