[Samba] Restricting file server access by group
Alex McKenzie
alex at chem.umass.edu
Tue May 18 09:48:43 MDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is for the same file server I wrote about earlier.
I would like to restrict access by group, as defined in LDAP. The
obvious solution is to add a filter to the login LDAP search that
restricts to gidNumber=10038 or 10001, since those are the groups I
need. From what I'm seeing, I need to add that to /etc/ldap.conf in the
nss_base_ section, but how to do it isn't clear.
Do I just enter it as a standard LDAP filter? In this case, I think I'd
want (|(gidNumber=10038)(gidNumber=10001)), but it's really not clear
the syntax really isn't clear from the file. Would it just be
nss_base_passwd (|(gidNumber=10038)(gidNumber=10001))?one
That's what it looks like, anyway... if anyone can give me an answer,
or at least point me towards a good source of documentation on this, I'd
appreciate it.
Thanks,
Alex McKenzie
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkvyttoACgkQWFYfIucpZ2ObvgCfSM9nizx9FgEwHJ+RDAGG6v/Q
C8EAn3C4d7rznRFcdLT/T/qL74lpPAY8
=uSMj
-----END PGP SIGNATURE-----
More information about the samba
mailing list