LDAP Moon on a stick
LDAP's one of these things I keep meaning to get into but never get further with than creating a bunch of basic accounts, that's it, I keep meaning to do more with it such as configuring it for use on my wireless network.
What I want to do is this:
Create and user account but with specific information to attributes, for example, instead of just one loginShell have 3 loginShell's
loginShell: /bin/bash
loginShell1: /bin/ksh
loginShell2: /bin/chroot-shell
And the same also for passwords.
userPasswd: XXXXXXXXXXXXX
userPasswd1: XXXXXXXXXXXXX
userPasswd2: XXXXXXXXXXXXX
The idea being I want to have eventually 3 groups of servers where I can have different user configurations, for example a group of servers where some users only have a chrooted environment, and can give them different passwords for these environments, but without having to create a different subtree and duplicate a lot of the information and effort maintaining.
I'm reluctant to create a custom schema and then map the custom attribute on the client as I don't want to come into conflict with any other schema's I may use in future. Because I've not done much with ldap I'm hoping that there's something I've overlooked or a function not often covered that might achieve this.
Thanks for any help
|