[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Limiting host access

To: Bill MacAllister <whm@stanford.edu>
Subject: Re: Limiting host access
From: Jayavant Patil <jayavant.patil82@gmail.com>
Date: Mon, 21 Nov 2011 12:30:23 +0530
Cc: openldap-technical@openldap.org
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=aQsMen4cV/Ehh8ATL18FxEZVdrjFBihyYjfQAjSycZk=; b=Kj6N/KbDH71TGCNgNGm6cjG3GMKfWl20fFTXpMM66SC9e5DBLVdRDtapTEQRdxO5LS rkjkIuSxc1EOLiUJwzFQiyfAHJsGiaNaWV86FpdZTQ2h881XviFnawZjE/G1f4Lk6QZR 4Xl0MdIiSuOsmJY1zfhHMERI0QgKKwANwfg4o=
In-reply-to: <CAPDKCfdeLAJTeG-Wfr=4v09BpEhv_BuP9d8Xv+-ymyCM0VTizQ@mail.gmail.com>
References: <CAPDKCfey2rSXdv=0BT2YBj14OSYUAOhqpBdML3Pdt52BOhLP3g@mail.gmail.com> <28678B1333ADF74E123B73B7@10.0.0.32> <CAPDKCfdeLAJTeG-Wfr=4v09BpEhv_BuP9d8Xv+-ymyCM0VTizQ@mail.gmail.com>

Hi,

   I am just storing the user related information in the directory.
   e.g.
   My .ldif file contents are as follows:

   dn: uid=ldap_5,ou=People,dc=dc,dc=com
uid: ldap_5
cn: ldap_5
sn: ldap_5
mail: ldap_5@dc.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
shadowLastChange: 13998
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 513
gidNumber: 513
homeDirectory: /lustre/home/ldap_5

On Mon, Nov 21, 2011 at 12:05 PM, Jayavant Patil <jayavant.patil82@gmail.com> wrote:

Hi,

I want to restrict login access to some selected client nodes (by default, openldap allows user access to all client nodes). I have googled for this, tried many different configurations like host attribute,hostObject class etc. but failed to get the required.

On Mon, Nov 21, 2011 at 11:47 AM, Bill MacAllister <whm@stanford.edu> wrote:

--On Monday, November 21, 2011 11:06:21 AM +0530 Jayavant Patil <jayavant.patil82@gmail.com> wrote:

Hi,

I am using openldap-2.4.19-4 on fedora 12 machine. My question is as
follows:

How to restrict a user access to some client nodes?

Please, explain in detail.

It is not clear what you want to do. You need to provide more details
before you will get the answer that you want.

For example, if you just want to restrict access to the directory from
some nodes, why not use iptables.

If you are talking about restricting login access to some linux nodes
using PAM, this is probably a better question for a PAM list. Of course,
there will be folks on this list that can answer that question as well,
but not without knowing what you are storing in your directory.

Bill

--

Bill MacAllister
Infrastructure Delivery Group, Stanford University

--

Thanks & Regards,
Jayavant Ningoji Patil
+91 9923536030.

--

Thanks & Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.

Follow-Ups:
- Re: Limiting host access
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

References:
- Limiting host access
  - From: Jayavant Patil <jayavant.patil82@gmail.com>
- Re: Limiting host access
  - From: Jayavant Patil <jayavant.patil82@gmail.com>

Prev by Date: Re: Limiting host access
Next by Date: Re: Limiting host access
Index(es):
- Chronological
- Thread