Re: Revisiting Map limit to map base option

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: Revisiting Map limit to map base option
Date: Mon, 7 Oct 2013 19:32:31 +0200 (CEST)

On Mon, 7 Oct 2013, Ashutosh Mahajan wrote:

We have machines where we only want to allow access from ~10 different'groups' in our LDAP directory. So we need to keep 10 base options innslcd.conf. As the limit is 7 it becomes a road-block for us.

Without more details on your configuration it is a bit difficult to guessbut an ACL such as with pam_authz_search in general scales better thanmany search bases. You may be able to use pam_authz_search: the onlylimitation is that the search has to return one or more entries.

Is there an alternative way to compiling our own binary (usingpam_authz_search, for example)? Sorry if it sounds stupid. I am new toldapd and also to LDAP. Can you increase it to, say, 31 in your nextrelease? That should be enough for everyone.


I will increase the number in the next 0.9 release.

--
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

Revisiting Map limit to map base option, Ashutosh Mahajan
- Re: Revisiting Map limit to map base option, Arthur de Jong

Prev by Date: Revisiting Map limit to map base option
Next by Date: Re: Revisiting Map limit to map base option
Previous by thread: Revisiting Map limit to map base option
Next by thread: Re: Revisiting Map limit to map base option