[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: restricting login to individual hosts

On Thu, 27 Mar 2003, jacob walcik wrote:

>i've setup host entries for each of the servers i have that i want to
>use my ldap directory for authentication: server1, server2, and server3
>i've added a dozen or so users to my ldap directory: user1 - user12
>now, i want to be able to restrict users logins so that user1 can only
>log into server1 and server2, but can't log into server3
>is this possible?

One way to do so ist to use netgroups. Just create a netgroup holding the
users for a certain box. The only difference is that you cannot use

passwd: ldap

in nsswitch.conf anymore but must use

passwd: compat
passwd_compat: ldap

Works for Solaris and most likely for Linux

Hope this helps,

PGP fingerprint: B1 EE D2 39 2C 82 26 DA  A5 4D E0 50 35 75 9E ED
Phone:           +49 731 50 22464
FAX:             +49 731 50 22471