[ldap] Complex ldap query

Alan Batie Thu, 03 Jul 2008 19:54:05 -0700

I'm trying to use ldap for administrative system access, and thus would like the pam_ldap filter to query group membership as well as account state. Is it possible to do something like:


(&(uid=someadmin)(accountstate=active)(memberof=cn=servergrp1,dc=adminauth,dc=peak,dc=org))


where you have entries like:

dn: cn=servergrp1,dc=adminauth,dc=peak,dc=org
objectclass: top
objectclass: groupOfNames
cn: admintest
member: uid=alan,dc=peak,dc=org
member: uid=someadmin,dc=peak,dc=org

dn: uid=someadmin,dc=peak,dc=org
objectclass: inetorgperson
objectclass: posixaccount
objectclass: top
objectclass: person
objectclass: someotherthings
uid: vanyel
uidNumber: 10001
loginShell: /bin/bash
gidNumber: 100
homeDirectory: /home/someadmin
AccountState: ACTIVE

smime.p7s
Description: S/MIME Cryptographic Signature

---
You are currently subscribed to [email protected] as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the 
SUBJECT of the message.

[ldap] Complex ldap query

Reply via email to