Mapping LDAP eduPerson to posixAccount

I have a central LDAP server which provides me with a DIT containing eduPerson entries. I want to import these entities into a second LDAP server as posixAccount entries, so that users can log into a Linux machine by authenticating against this second LDAP server. Passwords are handled by a separate RADIUS server.

Currently a script calculates the differences between the two LDAP servers and generates an LDIF file which is used to create or delete entries on the second LDAP server. The script is also responsible for adding extra data needed for posixAccount, such as homeDirectory or loginShell.

Is there a better way of realising such a mapping between eduPerson and posixAccount?

(I am surprised that it is not easier to find information about this. It would seem to me to be quite a common requirement for many institutions. Or do the people running the Linux machines just manage their own local accounts?)

Subsequently I have noticed that the entities from the central LDAP server also have ```posixAccount``` as an object class, despite the mandatory attributes, such as ```homeDirectory```, being empty. I'm now looking at ways to supply the missing attributes via ```sssd```. However, I am still interested in other solutions people might have for this issue.
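
The diff-and-LDIF approach described in the question, as an added example that is not the poster's script: it validates `uid` before using it in a DN or home path and base64-encodes values that are not LDIF-safe (RFC 2849). Assumptions not taken from the post: the target base DN `ou=people,dc=example,dc=org`, `/home/<uid>` home directories, `/bin/bash` as shell, the `account` structural class, and source entries that already carry `uidNumber` and `gidNumber`.

```python
import base64
import re

# Assumptions, not from the post: target DN layout, home/shell defaults, and
# source entries that already carry uid, cn, uidNumber and gidNumber.
TARGET_BASE = "ou=people,dc=example,dc=org"
DEFAULT_SHELL = "/bin/bash"
SAFE_UID = re.compile(r"[a-z_][a-z0-9_-]{0,31}")
# RFC 2849 SAFE-STRING: plain ASCII, no NUL/CR/LF, no leading space, ':' or '<'.
SAFE_LDIF = re.compile(r"[\x01-\x09\x0b\x0c\x0e-\x1f\x21-\x39\x3b\x3d-\x7f]"
                       r"[\x01-\x09\x0b\x0c\x0e-\x7f]*")

def ldif_line(attr, value):
    """One attribute line; values unsafe for plain LDIF are base64-encoded."""
    value = str(value)
    if SAFE_LDIF.fullmatch(value) and not value.endswith(" "):
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def to_posix(entry):
    """Map a source entry to posixAccount attributes, or None if uid is unsafe."""
    uid = entry.get("uid", "")
    if not SAFE_UID.fullmatch(uid):
        return None  # would otherwise end up in the DN and the home path
    return [("objectClass", "account"), ("objectClass", "posixAccount"),
            ("uid", uid), ("cn", entry["cn"]),
            ("uidNumber", entry["uidNumber"]), ("gidNumber", entry["gidNumber"]),
            ("homeDirectory", f"/home/{uid}"), ("loginShell", DEFAULT_SHELL)]

def sync_ldif(source, target_uids):
    """LDIF that adds accounts missing on the target and deletes stale ones."""
    wanted = {e["uid"]: to_posix(e) for e in source if to_posix(e)}
    records = []
    for uid in sorted(set(wanted) - set(target_uids)):
        lines = [ldif_line("dn", f"uid={uid},{TARGET_BASE}"), "changetype: add"]
        lines += [ldif_line(a, v) for a, v in wanted[uid]]
        records.append("\n".join(lines))
    for uid in sorted(set(target_uids) - set(wanted)):
        records.append(ldif_line("dn", f"uid={uid},{TARGET_BASE}")
                       + "\nchangetype: delete")
    return "\n\n".join(records) + "\n"

# Constructed sample data: one valid entry, one with a malformed uid.
SOURCE = [
    {"uid": "alice", "cn": "Alice Müller", "uidNumber": 10001, "gidNumber": 10001},
    {"uid": "../etc", "cn": "Bad Uid", "uidNumber": 10002, "gidNumber": 10002},
]

if __name__ == "__main__":
    print(sync_ldif(SOURCE, {"bob"}))
```

The resulting file can be reviewed before it is applied to the second server with `ldapmodify -f`.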