[Date Prev][Date Next]
RE: Restricting Logon permission
- To: "Daniel Davidson" <firstname.lastname@example.org>, <OpenLDAP-Software@OpenLDAP.org>
- Subject: RE: Restricting Logon permission
- From: "Wade Winright" <WadeW@digeo.com>
- Date: Wed, 5 Mar 2003 13:37:04 -0800
- Content-class: urn:content-classes:message
- Thread-index: AcLjXvKcLpWgNO+iRz6pkYaR8Jm2lwAACZAo
- Thread-topic: Restricting Logon permission
As far as I know, the easiest way to do this is to set up your ldap server, make each box a client, and then create a group with only the people allowed to access the servers in it. Then modify your pam configs to only allow login access to that group. Hope this helps...
From: Daniel Davidson [mailto:email@example.com]
Sent: Wed 3/5/2003 1:46 PM
To: Wade Winright; OpenLDAP-Software@OpenLDAP.org
Subject: Re: Restricting Logon permission
Yes, I can use PAM, that is how we are going to be authenticating on the
machines. But how would you have pam restrict this?
On Wednesday 05 March 2003 03:26 pm, Wade Winright wrote:
> Can you utilize pam? If you are using Linux or Solaris, I believe this
> would be the best way to implement this...
> -----Original Message-----
> From: Daniel Davidson [mailto:firstname.lastname@example.org]
> Sent: Wed 3/5/2003 1:04 PM
> To: OpenLDAP-Software@OpenLDAP.org
> Subject: Restricting Logon permission
> We are working on trying unifying our password database via openldap, and I
> am looking for a way to restrict logon rights, so only certain people can
> log onto some servers. For example I do not want everyone to be able to
> log onto a machine we use for testing applications before we make them
> public, but it would be nice if we could use ldap for authentication.
> thanks for any help,