thr3ads.net - Fedora directory users - [Fedora-directory-users] Creating a dynamic group to mirror a netgroup? [Mar 2007]

If this information is useful, please help other people find it:
Share via:

Philip Kime

2007-Mar-27 20:47 UTC

[Fedora-directory-users] Creating a dynamic group to mirror a netgroup?

Always the way - the LDAP enabled app/hardware falls one inch short of
doing what you need ... 
 
In this case a Juniper VPN box which I need to check LDAP netgroup
membership for access control  but it doesn''t quite understand
netgroups. The
 
nisnetgrouptriple=(,username,)
 
format is the stumbling block as I need just the username. I was looking
at creating a dynamic group on the LDAP server itself to contain the
same usernames as in the netgroup but in a simple format the VPN box
could query. Anybody have an idea how to do this with dynamic groups?
Essentially, I need a query to turn this:
 
cn=netgroup1
nisnetgrouptriple=(,user1,)
nisnetgrouptriple=(,user2,)
 
into something like this:
 
cn=dynamic-group1
uniquemember=user1
uniquemember=user2
 
PK
 
--
Philip Kime
NOPS Systems Architect
310 401 0407

Fedora directory users - Mar 2007 - Creating a dynamic group to mirror a netgroup?

[Fedora-directory-users] Creating a dynamic group to mirror a netgroup?