hi,
i'm using sssd (1.9.4 fedora 18).
i was wondering if sssd supports any kind of pattern in the ldap_access_filter directive to check access based on the pam service name being accessed.
for example:
ldap_access_filter memberOf=cn=$service,ou=services,...
i would like to check group membership rather than using an attribute like authorizedService.
nss-pam-ldapd [1] supports this kind of pattern expansion for example
[1] http://arthurdejong.org/nss-pam-ldapd/nslcd.conf.5
regards joke de buhr