Centralized accounts for FreeBSD jails?
fuser9bb at hotpop.com
fuser9bb at hotpop.com
Sun Jan 30 09:58:44 PST 2005
Hi, I am using jails under FreeBSD 4.10. They work great. However, we now
have the problem of needing to be able to easily manage user accounts in the
jails. From what I've read you can't do NIS very well with jails. Has anyone
used LDAP with jails? I'm thinking we may be able to tie in LDAP via PAM
under FreeBSD 4.10 jails and the host server to a central LDAP directory.
Or are there other suggested methods for doing this?
What I like about LDAP is the nis schema. Can we duplicate the ability of
NIS to disallow some accounts from accessing some servers (actually, jails),
but be able to access others? For example, I want joe and sue to be able to
ssh into ssh.example.com but not into www.example.com, even though both
systems use the same LDAP directory for accounts (so joe and sue technically
have valid accounts on www.example.com, but they aren't authorized to use
that server).
More information about the freebsd-questions
mailing list