[Date Prev][Date Next]
RE: Attributes for filtering OS logins
From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Anton Chu
Sent: Wednesday, November 10, 2010 3:23 PM
Subject: Attributes for filtering OS logins
I have a scenario where I want to setup two LDAP groups where one group can access a file on the server while the other one cannot after they login. Can some PAM tweaks make this happen if not on the ldap side?
Without more info about the system, it sounds like you need to consider group memberships and set group permissions.
Group A - allowed
Group B - disallowed
Protected files permissions:
-rwxrwx--- (user) a-only
The above example doesn't take into consideration the owernship or permissions of its containing dir.
This isn't an LDAP or PAM issue - it's a local file permissions issue; unless I've totally misunderstood your question...
This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.