Petter Reinholdtsen skrev: > [Finn-Arne Johansen] >> In a short distance I can see 2 or 3 more: > [...] >> Squid access information (Or maybe that should be provided based on >> netgroup) > > My proposal was to use subnet information in LDAP to grant squid > access. Do you believe it is a better idea to grant it per host > instead? Granting it to all hosts or users in a netgroup will be > easier, as we do not need to add subnet information in LDAP. > > If we grant access per subnet, clients on those subnets will work out > of the box without any updates to LDAP. If we grant it using > netgroups, the host need to be added to LDAP before it can get on the > net. This will make it required to add new hosts to netgroups before > we can PXE install them, if the use of a proxy is required.
Reading from the list, I guess most people woul like to allow all hosts, unless the specific host(s) is denied access. So I guess the easiest approach will be to allow all, unless the host(s) is listed in a specifiec netgroup (like DeniedInet or something) -- Finn-Arne Johansen [EMAIL PROTECTED] http://bzz.no/ EE2A71C6403A3D191FCDC043006F1215062E6642 062E6642 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
