It's been a while, but I believe you need to define an object class for each of the resource types (Samba and DB2Connect), add the IP addresses to the resource types, define an object class for the groups, and then add the group object class to each user object class.
Useful help at: http://www.direct-to-linux.com/TUTORIALS/LinuxTutorialLDAP.html > -----Original Message----- > From: Lionel Dyck [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, June 19, 2002 5:23 PM > To: [EMAIL PROTECTED] > Subject: OpenLDAP Question > > > I'm reading but either don't see it or don't understand it so I hope > someone can help. > > Using OpenLDAP to provide a centralized security setup for > linux servers > is it possible to define a group to only be allowed to login > to a selected > set of available servers without allowing the user to logon to all > servers? > > For example there is a set of Samba servers and a set of DB2 Connect > servers. I want a group of users to only be able to login to the Samba > servers and not to the DB2 Connect servers, and vice versa. > I also want > to have a group of users that can logon everywhere. > > Can this be done? > > thanks > -------------------------------------------------------------------- > Lionel B. Dyck, Systems Software Lead > Kaiser Permanente Information Technology > 25 N. Via Monte Ave > Walnut Creek, Ca 94598 > > Phone: (925) 926-5332 (tie line 8/473-5332) > E-Mail: [EMAIL PROTECTED] > Sametime: (use Lotus Notes address) > AIM: lbdyck >
