LDAP confusion

More reading about LDAP, directory services and the like. While everything is so beautiful according to all the documentation, no one cares to actually explain some concepts. We do have OpenLDAP up and running for simple things like a global address book. Now, how do I give different people different access on different machines? Sudo is good. Sudo is working. But I do have a problem figuring out how to give person A access to host A with ssh, and person B access to host B with ssh and ftp. Whatever I do ends up either in the land of Perl scripts or in the land of LDAP aliases, which don’t work with all the versions of both LDAP and Berkeley DB.

