[Date Prev][Date Next]
Re: Newbie question about host base authentication
if you are using pam-ldap, then its even easier than you think, i.e. its
included in pam-ldap:
in the ldap directory create entries like or similar:
where the important attribute is host.
Then, in the ldap.conf file, where you tell pam-ldap, which ldap
parameters to use, add the following line:
Then, in the corresponding pam-ldap file, add the following two entries:
account required pam_ldap.so debug
account required pam_unix_acct.so
(check to see, if you have the respecitve module installed in your
pam-ldap module direcotory).
And then, by magic, users will be allowed only on the specified host, in
this case on vidigal.mydomain.com
On 2012-10-29 13:23, Simone Scremin wrote:
I'm in the process of learning the OpenLDAP authentication mechanics.
I'd need to know what is the best way to configure an host based authentication system that allow to configure a per-user rule to include a group of host to which the user is allowed to login.
user Bob needs to authenticate on systems:
some configuration on the LDAP server enable this hostnames for Bob with a regular expression like:
Is it feasable?