Sigurður Bjarnason
2006-Nov-29 09:25 UTC
[Fedora-directory-users] Authentication and access rights
Hi all I am new to Fedora Directory Server, I have manage to set it up all right but I have one simple question as such.. :-) Before I will put a lot of effort into setting it up for my production env I would like to know atleast one thing.... When I manage to connect client to the directory server will I be able to control the users access to client thought the directory on file level? That is if for some reason I would not allow the user to access or read certain files or folders on the client could that be controlled in the Directory ? Regards Siggi
Richard Megginson
2006-Nov-29 15:06 UTC
Re: [Fedora-directory-users] Authentication and access rights
Sigurður Bjarnason wrote:> > Hi all > > I am new to Fedora Directory Server, I have manage to set it up all > right but I have one simple question as such.. J > > Before I will put a lot of effort into setting it up for my production > env I would like to know atleast one thing…. When I manage to connect > client >It depends - what is the client? If the client is an OS, Fedora DS uses the standard posix objectclasses and attributes.> > to the directory server will I be able to control the users access to > client thought the directory on file level? > > That is if for some reason I would not allow the user to access or > read certain files or folders on the client could that be controlled > in the Directory ? >You can''t control this through the directory server unless the client can already model the file/folder relationships through the directory server. Usually clients don''t do this unless you are using some sort of policy engine like SiteMinder, and even that won''t work for OS file/folder permissions. That is normally used for web site URL access. Usually ldap+os integration means that you still set file/folder ownership and permissions using the familiar chown and chmod commands, but the actual uid/gid information is looked up in ldap rather than from /etc/passwd and /etc/groups.> > Regards > > Siggi > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >