>>What exactly does that mean in your context? In my set up when I provide access to a user, he gets access to all the servers managed by our ldap which is not at all what we would like to give.
So, this way I am trying to further enforce which user would have access to what . I will write few scripts to automate the process. Is there a better approach to this. >>You can do that but why? Which LDAP client does expect the hosts to be in e.g. a space separated list. The only issue I see here is when i do a "ldapseacrch -x" it would run into many lines . Was trying to just limit that. ~Rakesh On Wed, Mar 4, 2015 at 4:00 AM, Michael Ströder <[email protected]> wrote: > Rakesh Rajasekharan wrote: > > I am trying to set up a host based authentication. > > What exactly does that mean in your context? > > > For that ,am modifying > > the host attribute of existing users through an ldif file as below > > > > dn: uid=sam,ou=People,dc=example,dc=com > > changetype: modify > > add: objectClass > > objectClass: hostObject > > Using 'hostObject' for human users does not sound like a good choice. > > Object class 'account' has "MAY host" in its object class description. > > > - > > add: host > > host: abc > > host: xyz > > > > > > Is there a way I can put the lidt of hosts in a single line > > something like this > > > > host: xyz abc > > You can do that but why? Which LDAP client does expect the hosts to be in > e.g. > a space separated list. > > Ciao, Michael. > >
