Adam Tauno Williams wrote:
It appears that
you have users stored in one OU and Computers stored in another OU. I
don't believe this is supported right now. (I believe this is because
PAM will only search one OU for a UNIX user instead of multiples.)
NSS will only search one OU for account type objects; and both machines
and user are accounts.
While quite correct in most instances, it somewhat confuses the issue to
state this.
NSS will search one SCOPE for whatever it is you're looking
The term "scope" in LDAP refers only to the depth of the search
performed: base, one, or sub. A search has four compnents: root,
filter, scope, and context (the security credentials of the users, their
source IP address, etc...). It is entirely correct to refer to the,
albiet subordinate, contents of an OU as contents of that OU.
Ok, I'll accept bashing on that one... I was searching for a generalized
term to apply. AFAIK, there's no reason you have to limit your search to
an OU object class, unless the documentation is hiding that fact
somewhere that I've not run across. That's the crux of what I was
getting at, saying that the terminology "OU" is unnecessarily
restrictive. Feel free to point me towards enlightenment if I'm wrong.
--
--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc.
Systems Architect Fax: 701-281-1322
URL: www.ae-solutions.com mailto: [EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
