Date: Sun, 30 Jan 2005 11:56:12 -0600 From: <fuser9bb@hotpop.com> To: <questions@freebsd.org> Subject: Centralized accounts for FreeBSD jails? Message-ID: <01ab01c506f4$fe507600$3601a8c0@dpboxen>
next in thread | raw e-mail | index | archive | help
Hi, I am using jails under FreeBSD 4.10. They work great. However, we now have the problem of needing to be able to easily manage user accounts in the jails. From what I've read you can't do NIS very well with jails. Has anyone used LDAP with jails? I'm thinking we may be able to tie in LDAP via PAM under FreeBSD 4.10 jails and the host server to a central LDAP directory. Or are there other suggested methods for doing this? What I like about LDAP is the nis schema. Can we duplicate the ability of NIS to disallow some accounts from accessing some servers (actually, jails), but be able to access others? For example, I want joe and sue to be able to ssh into ssh.example.com but not into www.example.com, even though both systems use the same LDAP directory for accounts (so joe and sue technically have valid accounts on www.example.com, but they aren't authorized to use that server).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01ab01c506f4$fe507600$3601a8c0>