LinuxQuestions.org


Neelima_MAV 01-06-2010 06:59 AM

How to assign access privileges to users in LDAP server
 
In researching current LDAP issue (not being able to do anything but log in) it seems that there are no concepts of privileges, roles, etc. that could be assigned to a user in LDAP.
I've only seen fields that deal with name, organization, etc., not with application-specific access control.

I have to assign certain access privileges to users authenticated via LDAP server based on the privilege level mentioned in the LDAP server. How to attain this?

Simon Bridge 01-06-2010 07:39 AM

As in - access controls?
http://www.zytrax.com/books/ldap/ch6/

access to <what> [ by <who> [<accesslevel>] [<control>] ]+

Neelima_MAV 01-07-2010 11:04 PM

Hi Simon Bridge,

I'm giving my problem here more clearly.
I have an LDAP server in a remote location. My LDAP client is the router I'm using. All the users that are logged into the router are privileged as Administrator, Guest and SSLVPN users. Usually these user privileges are set by the Router itself. But now, my requirement is that I should get this user privilege information from the LDAP server.

Can you please help me here as how to set the privileges and how to get this info from server.

Thanks in Advance,
Neelima.

Simon Bridge 01-08-2010 07:21 AM

OK - I can see that.

http://www.yolinux.com/TUTORIALS/Lin...XLDAPTUTORIALS
Has several sections about user passwords and privileges - you'd have to adapt them to your requirements. It's a tad old but still useful for understanding.

I'll sleep on it.

Neelima_MAV 01-10-2010 11:03 PM

Hi Simon Bridge,

That tutorial was really useful to understand the process of authentication, but has no clue of how to pass attributes from the LDAP server to LDAP client.

Can anybody please help me here?

Thanks in advance,

Neelima.

Simon Bridge 01-11-2010 05:23 AM

The server decides, not the client.

In /etc/openldap/slapd.conf you'll see that you can specify the ACLs of what data users can read and/or write.
http://www.gentoo.org/doc/en/ldap-howto.xml
... has some examples.
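
An added example, not part of the original thread: a slapd.conf ACL fragment in the `access to <what> by <who> <accesslevel>` form quoted earlier, showing how the server decides which client may read privilege data. It assumes the router's LDAP client derives Administrator/Guest/SSLVPN from group membership; the suffix dc=example,dc=com, the service account cn=router and the ou=groups subtree are placeholders.

```conf
# Constructed example for /etc/openldap/slapd.conf.
# All DNs below are placeholders, not values from the thread.
#
# slapd checks "access to" directives in file order. The first one
# whose <what> matches the target is used, and inside it the first
# matching "by <who>" clause decides. Specific rules must therefore
# come before the catch-all at the bottom.

# 1. Password hashes: a user may change their own, an unauthenticated
#    client may only use the value to bind, nobody can read it back.
access to attrs=userPassword
    by self write
    by anonymous auth
    by * none

# 2. Privilege groups (placeholder entries such as cn=admins, cn=guests,
#    cn=sslvpn under ou=groups): readable only by the account the
#    router binds with. Users cannot list or edit their own privileges.
access to dn.subtree="ou=groups,dc=example,dc=com"
    by dn.exact="cn=router,ou=services,dc=example,dc=com" read
    by * none

# 3. Everything else: authenticated users may read, anonymous clients
#    may only bind. A catch-all of "by * read" here would still be safe
#    for rules 1 and 2, but placing it above them would expose both.
access to *
    by users read
    by anonymous auth
    by * none
```

With no access directives at all, slapd grants read access to every client, so rule 3 is what closes the directory to anonymous reads.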

