Re: Fine grained access control

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: Fine grained access control
Date: Mon, 03 Sep 2012 21:58:11 +0200

On Sun, 2012-09-02 at 03:45 +0200, Richard Pijnenburg wrote:
> I've worked with the pam_groupdn in pam_ldap.conf to specify the group
> it has to be in. I've build that group up with 'groupOfURLs' to
> dynamically combine  other groups into 1 group.
> The result of that search returns a list of dn's of the users. ( 
> member: uid=user,ou=people,dc=..... )
> Im wondering how i can transform that functionality into the 
> pam_authz_search way.

Can you give an example of a group as LDIF snippet?

I don't think nested groups can be easily done with pam_authz_search but
anything that ldapsearch can do pam_authz_search also probably does.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

Re: Fine grained access control, (continued)
- Re: Fine grained access control, Arthur de Jong
  - Re: Fine grained access control, Richard Pijnenburg
    - Re: Fine grained access control, Arthur de Jong
      - Re: Fine grained access control, Richard Pijnenburg
        
        Re: Fine grained access control, Arthur de Jong
        
        Re: Fine grained access control, Richard Pijnenburg
        Re: Fine grained access control, Arthur de Jong
        Re: Fine grained access control, Richard Pijnenburg
        Re: Fine grained access control, Richard Pijnenburg

Prev by Date: Re: Fine grained access control
Next by Date: Re: Fine grained access control
Previous by thread: Re: Fine grained access control
Next by thread: Re: Fine grained access control