Learn more about these different git repos.
Other Git URLs
Expand certain variables within the "ldap_access_filter" directive to build more expressive pam access rules.
nss-pam-ldapd [1] expands the variables like "$hostname" and "$service" within the access filter "pam_authz_search".
This way access can be granted based on:
checking group membership like "memberOf=cn=${service},ou=services,..." rather than using the authorizedService attribute.
many more complex access checks using the ldap search syntax.
This request refers to [2].
[1] http://arthurdejong.org/nss-pam-ldapd/nslcd.conf.5
[2] https://lists.fedorahosted.org/pipermail/sssd-users/2013-June/000730.html
Fields changed
summary: ldap_access_filter with variable expansion => [RFE] ldap_access_filter with variable expansion
milestone: NEEDS_TRIAGE => SSSD Deferred type: feature => enhancement
rhbz: => todo
Metadata Update from @joke: - Issue set to the milestone: SSSD Patches welcome
Thank you for taking time to submit this request for SSSD. Unfortunately this issue was not given priority and the team lacks the capacity to work on it at this time.
Given that we are unable to fulfill this request I am closing the issue as wontfix.
If the issue still persist on recent SSSD you can request re-consideration of this decision by reopening this issue. Please provide additional technical details about its importance to you.
Thank you for understanding.
Metadata Update from @pbrezina: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3024
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.