Created attachment 183936 [details] nss-pam-ldapd-0.9.8.loginClass.patch Currently, all users from LDAP are mapped to "default" login class. This patch adds very basic LOGIN_CLASS(3) support to net/nss-pam-ldapd. There is no loginClass or equivalent attribute in OpenLDAP NIS schema, but some other attributes could be easily mapped to loginClass attribute in nslcd.conf. This is the example how to map loginClass to "description" attribute, in absence of destcritpion in user field, the user is mapped to class "student": map passwd loginClass "${description:-student}" I am using this feature for more than two years, may be someone in the community will also find this patch useful.
Has this been submitted upstream yet? If not, please do so.
The upstream discards it silently as strictly BSDish related feature.