Hi!
Can nss_ldap be configured to search for user entries with a filter that
looks for the supplied username in multiple attributes? For example,
when I do 'getent passwd test', I would like nss_ldap to query the LDAP
server for
'(&(objectclass=posixAccount)(|(uid=test)(otherAttribute=test)))'
The reason behind this would be to allow authenticating using a
mail address, certificate serial number or some other information stored
in LDAP against openssh's sshd, which runs a
getpwent(username-sent-over-network) to decide if a user is valid or
not, while still keeping the real username in the environment.
I could set 'nss_map_attribute uid mail', but all users
would then be listed with that attribute when listing file/process
ownership. Also, it would be nice if I could have some users logging in
via their mail address, and some via their username.
Regards,
\EF
--
Erik Forsberg OpenSource-based Thin Client Technology
Systems Analyst/Developer Phone: +46-13-21 46 00
Cendio AB Web:
http://www.cendio.com
