not possible to map login class (BSD)

[ghost]

In the BSD world we have another user attribute known as a login class. The login class lets us apply limits to users via /etc/limits.conf or on FreeBSD also via the new Resource Accounting (rctl). Unfortunately all users in LDAP via nss-pam-ldapd/nslcd get the "default" login class. I have added the userClass attribute to user objects in Active Directory and wish to make this mapped to the user login class on my servers. This is something that OpenBSD's ypldap daemon can do (https://man.openbsd.org/ypldap.conf.5#class) and inspired me to look for this feature in nss-pam-ldapd.

I am currently looking into the code to see how I can make this possible, but I am a complete novice in this area.

[ghost]

for more clarification, in FreeBSD this data is stored in /etc/master.passwd file. It has all of these attributes for a user:

       name          User's login name.

       password      User's encrypted password.

       uid           User's id.

       gid           User's login group id.

       class         User's login class.

       change        Password change time.

       expire        Account expiration time.

       gecos         General information about the user.

       home_dir      User's home directory.

       shell         User's login shell.

I believe class is the only thing we can't get from LDAP right now.