Thanks for that. That will probably work for what I need. Just out of curiosity, is there a way to have host,group,users defined in ldap, so each host uses the same base dn, but depending on host/group in ldap, only groups that are assign to that host will be available?
-- Mladen Sekara <[email protected]> On Sat, 2014-07-12 at 09:24 +0200, Dieter Klünter wrote: > Am Sat, 12 Jul 2014 12:31:29 +1000 > schrieb Mladen Sekara <[email protected]>: > > > Hi all, > > > > Any way of restricting groups per host, so not all groups are > > available on every host... > > > > For example, host1 has a special user group defined, that is available > > to host1 only, host2 has it's own group etc. > > Both of these share the same users. > > man slapd.access(5), the <what> field and the <who> field. You > consider the statement peername.ip. > > -Dieter >
