Centralized accounts for FreeBSD jails?

fuser9bb at hotpop.com fuser9bb at hotpop.com
Sun Jan 30 09:58:44 PST 2005

Hi, I am using jails under FreeBSD 4.10. They work great. However, we now 
have the problem of needing to be able to easily manage user accounts in the 
jails. From what I've read you can't do NIS very well with jails. Has anyone 
used LDAP with jails? I'm thinking we may be able to tie in LDAP via PAM 
under FreeBSD 4.10 jails and the host server to a central LDAP directory.

Or are there other suggested methods for doing this?

What I like about LDAP is the nis schema. Can we duplicate the ability of 
NIS to disallow some accounts from accessing some servers (actually, jails), 
but be able to access others? For example, I want joe and sue to be able to 
ssh into ssh.example.com but not into www.example.com, even though both 
systems use the same LDAP directory for accounts (so joe and sue technically 
have valid accounts on www.example.com, but they aren't authorized to use 
that server).

More information about the freebsd-questions mailing list