Re: [nssldap] template for some attributes

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nssldap [at] padl.com
Subject: Re: [nssldap] template for some attributes
Date: Sun, 28 Feb 2010 09:01:59 +0100

On Tue, 2010-02-23 at 20:23 +0500, Илья Шипицин wrote:
> if I'm importing users from Active Directory, I'd like to
> specify /sbin/nologin as shell (for everyone) and /home/sAMAccountname
> as home dir, is it possible to do using nss_ldap ?

You could have a look at nss-pam-ldapd. It includes attribute mappings
with expressions (for some attributes) since version 0.7.2. You could
use something like:

  map passwd loginShell "/sbin/nologin"
  map passwd homeDirectory "/home/$sAMAccountname"

Note that not all attributes can be mapped this way, only those who
would not be used in search filters.

Also, it is a bad idea to map multiple users to the same numeric uid
(from the other thread) because there are some applications (most
notably Glibc's nscd) that assume the username and uid combination is
unique.

Hope this helps.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --

[nssldap] template for some attributes, Илья Шипицин
- Re: [nssldap] template for some attributes, Jeffrey Watts
- Re: [nssldap] template for some attributes, Arthur de Jong

Prev by Date: [nssldap] release 0.7.3 of nss-pam-ldapd
Next by Date: [nssldap] libnss_ldap leaks memory - causes nscd to grow
Previous by thread: Re: [nssldap] template for some attributes
Next by thread: [nssldap] release 0.7.3 of nss-pam-ldapd