[Date Prev][Date Next] [Chronological] [Thread] [Top]

using ldap ssh, proftpd and apache.

I've used a lot ldap with samba to create multiple pdc.

Now I want to use ldap for all my services.

Let's suppose you've got a server with ssh, apache, proftpd, postfix, an
imap  server,  a  webmail  and  squid. Every  user  will  have  got  the
possibility of using  the mailservices, I've read  the documentation for
it and I know how to do it.

But I don't want  that every user of the mailservices  can even use ssh,
ftp and so on. So I'd like to know if there's a way to store in ldap the
information about the  possibility of logging in with  ssh, upload files
with proftpd,  use the proxy, accessing  parte of the websites  using an
autetication system with apache.

The  documentation of  proftpd says  that it  can connect  with an  ldap
server  but  I cannot  find  a  way to  limit  the  access to  the  only
autorizated users.

For squid, ssh and apache I don't have got any idea.

The  only  possible  solution  I've  found  is that  if  I  use  pam  to
autenticate  my  users  I  just  can put  something  like  this  in  the
configuration files:

auth required pam_ldap.so filter=(uid=*a*)

So I could add some fields  to my users like UserCanLogin, UserCanDoFtp,
UserCanUseProxy and then filter them upon their values. But in this case
I still  have got a trouble:  should I write a  schema on my own  to get
these entries  or does anyone of  you know if there's  something already

Thank you.

Non c'è più forza nella normalità, c'è solo monotonia.

Attachment: signature.asc
Description: Digital signature