Hi all,
I've setup a FreeBSD server to bind to a remote LDAP server. LDAP users that belong to a particular local group can log in on the FreeBSD server using SSH/SFTP.
I know that I can't set a dedicated login class for my LDAP users, because login(1) is supposed to find the login class in the system password file (where my LDAP users don't exist, obviously).
I wonder if it's possible to set the config file nss_ldap.conf so that it will enforce a login class for LDAP users. I could use the configuration directive nss_default_attribute_value attribute value, but I've no idea what to use as an attribute name.
Any idea about that?
I've setup a FreeBSD server to bind to a remote LDAP server. LDAP users that belong to a particular local group can log in on the FreeBSD server using SSH/SFTP.
I know that I can't set a dedicated login class for my LDAP users, because login(1) is supposed to find the login class in the system password file (where my LDAP users don't exist, obviously).
I wonder if it's possible to set the config file nss_ldap.conf so that it will enforce a login class for LDAP users. I could use the configuration directive nss_default_attribute_value attribute value, but I've no idea what to use as an attribute name.
Any idea about that?