[Date Prev][Date Next]
RE: Restricting Logon permission based on 'host' attribute ?
someone mentioned that using "PDAM-LDAP" and "NSS-LDAP", there would be a
'host' attribute in one of the schemas that can be used to define a list of
hostnames on which a user is allowed to login.
How does this map to the standard PAM modules shipped on a Solaris-9 server
Is there a special entry that needs to be added/modifed in its /etc/pam.conf
> -----Original Message-----
> From: Daniel Davidson [mailto:firstname.lastname@example.org]
> Sent: donderdag 6 maart 2003 19:45
> To: OpenLDAP-Software@OpenLDAP.org
> Subject: Re: Restricting Logon permission
> Nevermind, I was looking at the wrong file.
> On Thursday 06 March 2003 10:58 am, Daniel Davidson wrote:
> > Thanks for the help, although I still have a few questions.
> > I found the host attribute in cosine.schema, however to get
> this to start
> > working, dont I have to change something in nsswitch.conf?
> If so, can you
> > tell me what the line is supposed to be.
> > thanks again,
> > Dan
> > On Wednesday 05 March 2003 03:59 pm, tsg wrote:
> > > Среда 05 Март 2003 22:26, Wade Winright написал:
> > > > Can you utilize pam? If you are using Linux or Solaris,
> I believe this
> > > > would be the best way to implement this...
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Daniel Davidson [mailto:email@example.com]
> > > > Sent: Wed 3/5/2003 1:04 PM
> > > > To: OpenLDAP-Software@OpenLDAP.org
> > > > Cc:
> > > > Subject: Restricting Logon permission
> > > > We are working on trying unifying our password database
> via openldap,
> > > > and I am looking for a way to restrict logon rights, so
> only certain
> > > > people can log onto some servers. For example I do not
> want everyone
> > > > to be able to log onto a machine we use for testing
> applications before
> > > > we make them public, but it would be nice if we could
> use ldap for
> > > > authentication.
> > > >
> > > > thanks for any help,
> > > >
> > > > Dan
> > >
> > > If You use PAM-LDAP & NSS-LDAP there is attribute "host"
> in pam-ldap
> > > schema, where You can list all hosts the User can log in.
> > > Sergios