[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Restricting Logon permission

As far as I know, the easiest way to do this is to set up your ldap server, make each box a client, and then create a group with only the people allowed to access the servers in it. Then modify your pam configs to only allow login access to that group. Hope this helps...

-----Original Message-----
From:	Daniel Davidson [mailto:danield@life.uiuc.edu]
Sent:	Wed 3/5/2003 1:46 PM
To:	Wade Winright; OpenLDAP-Software@OpenLDAP.org
Subject:	Re: Restricting Logon permission
Yes, I can use PAM, that is how we are going to be authenticating on the 
machines.  But how would you have pam restrict this?



On Wednesday 05 March 2003 03:26 pm, Wade Winright wrote:
> Can you utilize pam? If you are using Linux or Solaris, I believe this
> would be the best way to implement this...
> -----Original Message-----
> From:	Daniel Davidson [mailto:danield@life.uiuc.edu]
> Sent:	Wed 3/5/2003 1:04 PM
> To:	OpenLDAP-Software@OpenLDAP.org
> Cc:
> Subject:	Restricting Logon permission
> We are working on trying unifying our password database via openldap, and I
> am looking for a way to restrict logon rights, so only certain people can
> log onto some servers.  For example I do not want everyone to be able to
> log onto a machine we use for testing applications before we make them
> public, but it would be nice if we could use ldap for authentication.
> thanks for any help,
> Dan