I have been reading the red hat docs for red hat directory server and their great, but they assume a lot of previous knowledge.
I'm a Windows admin trying to learn about how ldap directory services work in linux (specifically 389) and I'm having trouble finding a good tutorial or even high level explanation of how access control works.
I setup a 389 server on centos and created some OUs and user objects, but my question is how do I grant these users access to client machines?
For example how can I setup a "domain admin" account (a la AD) in a linux environment with 389 server and grant that user administrative access to ever computer configured to authenticate with this domain?
Not asking for a step by step how-to, but maybe just a high level explanation of how this is works?
---------- Post added at 10:04 PM ---------- Previous post was at 09:24 PM ----------
I thought about this more and I realized what I'm really looking to understand is how directory services (like 389 server) can be used control file permissions.
For example, how would I make some folder on a workstation only accessible to members of the "cn=admins,ou=groups,dc=mydom,dc=local" group?
I'm a Windows admin trying to learn about how ldap directory services work in linux (specifically 389) and I'm having trouble finding a good tutorial or even high level explanation of how access control works.
I setup a 389 server on centos and created some OUs and user objects, but my question is how do I grant these users access to client machines?
For example how can I setup a "domain admin" account (a la AD) in a linux environment with 389 server and grant that user administrative access to ever computer configured to authenticate with this domain?
Not asking for a step by step how-to, but maybe just a high level explanation of how this is works?
---------- Post added at 10:04 PM ---------- Previous post was at 09:24 PM ----------
I thought about this more and I realized what I'm really looking to understand is how directory services (like 389 server) can be used control file permissions.
For example, how would I make some folder on a workstation only accessible to members of the "cn=admins,ou=groups,dc=mydom,dc=local" group?