Best way to do LDAP user based server restrictions?