Re: Newbie question - How to do server based access control ?



>>>>> ""InfoNavigator" == "InfoNavigator  <- Ldap" <ldap@infonavigator.be>> writes:

    "InfoNavigator> Hi, we are looking into openldap as a way to
    "InfoNavigator> provide single sign-on to our unix network

    "InfoNavigator> I searched through the entire documentation, but
    "InfoNavigator> there is one tricky question remaining

    "InfoNavigator> Suppose I have several machines which all
    "InfoNavigator> authenticate against the ldap server, how can I
    "InfoNavigator> make sure that a user can login to server1, but
    "InfoNavigator> not to server2

http://www.bayour.com/LDAPv3-HOWTO.html


From these URLs, you might find what you need...

http://www.bayour.com/openldap/pam_ldap.conf.txt
        The 'pam_filter' line

http://www.bayour.com/openldap/slapd.conf.txt
        The 'include /etc/ldap/schema/trust.schema' line

http://www.bayour.com/openldap/schemas/trust.schema
        The actual schema

http://www.bayour.com/openldap/slapd.access.txt
        My ACL file


-- 
 Turbo     __ _     Debian GNU     Unix _IS_ user friendly - it's just 
 ^^^^^    / /(_)_ __  _   ___  __  selective about who its friends are 
         / / | | '_ \| | | \ \/ /   Debian Certified Linux Developer  
  _ /// / /__| | | | | |_| |>  <  Turbo Fredriksson   turbo@tripnet.se
  \\\/  \____/_|_| |_|\__,_/_/\_\ Stockholm/Sweden