1

Following is the scenario in the picture, We have one server at back and five other servers (running 5+ applications). We are developing LDAP instead of basic Database authentication rule in which we have to set it manually. Obviously, We have different roles like: Developer, Support, Managers, Directors, etc.

So, Our aim is to give permissions respectively. For example. A user who fall in developer group can edit and commit, while support person can view only. Please feel free if my concept is wrong.

Technologies:

  • Wamp Server 2.5
  • Apache 2.4.9
  • PHP 5.5
  • MySQL 5.6
  • LDAP Ubnutu v3

Following are my Questions:

  • Does LDAP allow user permission mechanism? or I want any other third party software. In case to - NO, Do I have to make application capable to act like this?
  • Does LDAP users/groups are linked with Linux sudoers user? in: visudo i.e. /etc/sudoers
Sarz
  • 111

1 Answers1

0
  • Yes, you can use LDAP for handling permissions with a wide range of options, depending on what your app supports.
  • If you use LDAP as an NSS source for users and groups, you can hand out sudo rights to it just like users coming from /etc/passwd.
Sven
  • 100,763