[Date Prev][Date Next]
Re: Newbie question about host base authentication
Dan White wrote:
On 10/29/12 13:23 +0100, Simone Scremin wrote:
I'm in the process of learning the OpenLDAP authentication mechanics.
I'd need to know what is the best way to configure an host based
authentication system that allow to configure a per-user rule to include a
group of host to which the user is allowed to login.
user Bob needs to authenticate on systems:
some configuration on the LDAP server enable this hostnames for Bob with a
regular expression like:
Is it feasable?
Assuming that you will be using a PAM module on each host, the answer to
that question will depend on which PAM module you choose, and what
configuration it supports.
If that module supports placing a filter within the PAM configuration, then
'host=sys0*pr*' should work.
The PADL pam_ldap module has no such feature. The OpenLDAP nssov overlay does.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/