> I'm using openldap with Samba as PDC in my server. Unfortunately I
> needed to use some attributes which were not available in any known
> schema by me like initialPassword and statusFlag. Therefore, I have
> created one schema for them and now I'm having some problems.
> The first idea was to use this statusFlag as one way to block
> unnecessary access to ldap server. For example, statusFlag = 1 means
> that the user cannot log in.

You realize that Samba supports this functionality natively?  You can
lock user accounts via the SAM (pdbedit).

> But I don't know if this works and actually how to do that.
> Anyone can guess or have another suggestion to implement my idea?

We have an attribute ("morrisonactiveuser") that we use to deactivate an
account.  Simply create an ACL rule that filters out the objects that
are inactive within the bind context of your services (NSS, imapd,
etc...)
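
An added example, not part of the original message: a slapd.conf ACL of the kind the reply describes, written for the poster's statusFlag=1 convention. The base DN and the service bind DNs (cn=nss, cn=imapd under ou=Services,dc=example,dc=com) are assumed placeholders.

```conf
# slapd.conf fragment (added example; all DNs are assumed placeholders).
# Goal: entries flagged statusFlag=1 are invisible to the identities that
# NSS and imapd bind as, so a lookup for a blocked user returns nothing
# and the service cannot resolve or authenticate that account.
#
# Prerequisite: the custom statusFlag attribute type must declare an
# EQUALITY matching rule in its schema, otherwise the filter below
# cannot be evaluated against the entry.
#
# Placement: slapd stops at the first access clause whose <what> part
# matches the entry, so this rule has to come BEFORE any broader rule
# such as "access to *".

access to dn.subtree="ou=People,dc=example,dc=com" filter="(statusFlag=1)"
    by dn.exact="cn=nss,ou=Services,dc=example,dc=com" none
    by dn.exact="cn=imapd,ou=Services,dc=example,dc=com" none
    by * break

# "by * break" hands every other identity on to the rules that follow,
# so administrators and provisioning tools can still see and re-enable
# the entry. The site's existing access rules continue unchanged below.
```

The rule only affects the listed service identities, and the rootdn bypasses ACLs entirely, so services must not bind as rootdn for this to have any effect.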

