Re: [nssldap] Howto get the "host" attribute for pam_check_host_attr of pam_ldap?

[Alexander Skwar <listen [at] alexander.skwar.name>]

Matthew Hardin schrieb:
> Hi Alexander,
> 
> Your question is better posted to the pam_ldap mailing list, but it makes
> little difference.

Hm, for some reason or the other, I missed this list. You're
of course right - but I won't post my message there, now that
it's solved ;)

> You have correctly determined that the 'host' attribute is part of the
> 'account' object class, but since that is an object class with a different
> inheritance chain, it is not possible to use with object class posixAccount.

Thanks for the confirmation. As you might have noticed, I'm
new to LDAP, and thus am glad, when I get something right ;)

> The pam_ldap distribution from PADL includes a file called ldapns.schema
> which defines an auxiliary object class hostObject. You still need to
> include the schema file cosine.schema (it defines the 'host' attribute) in
> slapd.conf, but by adding ldapns.schema you can add objectclass hostObject
> and attribute 'host' to your user objects.
> 
> I hope this answers your question.

Yes, it absolutely does!

Thanks a lot,

Alexander Skwar
-- 
"Love is an ideal thing, marriage a real thing; a confusion of the real with
the ideal never goes unpunished."
-- Goethe