From owner-freebsd-questions@FreeBSD.ORG Thu May 12 20:59:33 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 999B516A4CE for ; Thu, 12 May 2005 20:59:33 +0000 (GMT) Received: from blues.jpj.net (blues.jpj.net [208.210.80.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id D846843D39 for ; Thu, 12 May 2005 20:59:32 +0000 (GMT) (envelope-from benh@jpj.net) Received: from [192.168.11.10] (dryden.horked.net [66.93.193.167]) by blues.jpj.net (8.12.9p2/8.12.9) with ESMTP id j4CKxYUR000541 for ; Thu, 12 May 2005 16:59:38 -0400 (EDT) (envelope-from benh@jpj.net) X-Sender: benh@blues.jpj.net Message-Id: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 12 May 2005 15:59:24 -0500 To: freebsd-questions@freebsd.org From: Ben Hockenhull X-Scanned-By: MIMEDefang 2.51 on 208.210.80.156 Subject: Netgroups and LDAP? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 May 2005 20:59:33 -0000 I'm setting up a couple of servers that will check authentication against an LDAP server, and so far, things are going well. I have pam and nss_ldap and all of that functioning, but I'm trying to figure out netgroups. I only want certain (large, broad) groups of people to be able to login to a given server, and I believe I'm looking to implement netgroups to do that, but I haven't been able to find any documentation on how to do that with FreeBSD. Any pointers (to config examples, ldif-format schemas that incorporate netgroups, etc) or other ideas would be greatly appreciated. If there's another way to limit logins via LDAP, I'd be interested in hearing about that, too. Thanks Ben