Hi...
After a while I now have my 389ds LDAP up and running for user accounts, groups, DNS and DHCP. Everything is fine, fast and stable (even though I am running it on openSUSE).
But I got a question on how to realize a certain idea with 389ds.
I got a central LDAP directory. It contains all data. I am having different subnets but want to have a central user management.
Each subnet has different dedicated servers for user home accounts, and each subnet has its own LDAP server (replication consumer) to which that subnet refers. This is due to security/fault tolerance considerations and also due to different subsidiaries with sometimes slow network connections.
Example User "John":
He logs in in subnet A (e.g. from IP 192.168.1.100):
Unix homeaccount: /Servers/SubnetAServer/Users/John
Samba homeaccount: \\SubnetAServer\Users\John
He logs in in subnet B (e.g. from IP 192.168.2.100):
Unix homeaccount: /Servers/SubnetBServer/Users/John
Samba homeaccount: \\SubnetBServer\Users\John
(It is not possible to mask the server name for each subnet to be the same by DNS).
This means the LDAP search needs to return different attribute values when the search is performed from different subnets (all other values, like uids, shall remain constant). I don't want to have different user trees. Users sometimes travel from subsidiary to subsidiary or are using different subnets at the same time. Can this be done by views or class of service or some other tricks/plugins? Has anyone done this already?
Thanks in advance,
Roland
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users