[ale] OpenLDAP Question
Chris Ricker
kaboom at gatech.edu
Fri May 14 10:58:00 EDT 2004
On Thu, 13 May 2004, Jonathan Glass wrote:
> I haven't done much research yet, but from what I've read on OpenLDAP,
> this idea should be possible.
>
> I have a pseudo-extranet running, and the webmaster controls the
> accounts on it via .htaccess files. I'm building a new server to handle
> all auth using LDAP (for staffers). What I'd like to do is allow the
> webmaster control over a small subset of users so she can manage their
> accounts and passwords sans my help. Anyone care to offer any
> thoughts? Good idea, bad idea, security risk, impossible?
You can certainly do that sort of thing, and it's fairly standard practice
to delegate out control of portions of the tree like that....
On a slightly related note, you might also find
<http://www.duke.edu/~gettes/giia/ldap-recipe/> useful. There's some effort
towards creating best-practice LDAP schemas for .edu needs, and that's a
starting place for getting into that.
later,
chris
More information about the Ale
mailing list