Host and group of users authentication
- To: openldap-technical@openldap.org
- Subject: Host and group of users authentication
- From: Tech Only <stech.only@gmail.com>
- Date: Thu, 28 May 2009 09:52:11 -0400
Hello,
I am trying to make a group of users log on to a particular server depending on LDAP credentials.
Telnet and ssh work just fine to the host without any issues. Once I make changes to the ldap.conf file on the client to use the
base dc=test,dc=org
pam_groupdn cn=ldap,ou=hosts,dc=test,dc=org
pam_member_attribute member
The server is Debian OpenLDAP and the client is CentOS 5.*
I get
You must be a memeber of cn=ldap,ou=hosts,dc=test,dc=org to login
And here are the ldif files I used to create the entries.
users.ldif
dn: cn=Test1 User1,ou=people,dc=test,dc=org
givenName: Test1
sn: User1
cn: Test1 User1
userPassword: {MD5}ICy5YqxZB1uWSwcVLSNLcA==
uidNumber: 1001
gidNumber: 1000
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
uid: test1
homeDirectory: /home/users/test1

dn: cn=Test2 User2,ou=people,dc=test,dc=org
givenName: Test2
sn: User2
cn: Test2 User2
userPassword: {MD5}ICy5YqxZB1uWSwcVLSNLcA==
uidNumber: 1002
gidNumber: 1000
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
uid: test2
homeDirectory: /home/users/test2
Hosts.ldif
dn: cn=ldap,ou=hosts,dc=test,dc=org
objectclass: ipHost
objectclass: device
objectclass: extensibleObject
ipHostnumber: 1.1.1.2
cn: ldap
member: uid=test1,ou=people,dc=test,dc=org
member: uid=test2,ou=people,dc=test,dc=org
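
Added example, not part of the original post: pam_ldap's pam_groupdn check compares the DN of the entry found for the login name against the pam_member_attribute values on the group entry, so each member value has to be the exact DN of a user entry. The sketch below runs that consistency check offline over the entries from the post, trimmed to the relevant attributes; the function names are hypothetical.

```python
# Entries copied from the post's LDIF, trimmed and blank-line separated as LDIF requires.
SAMPLE_LDIF = """\
dn: cn=Test1 User1,ou=people,dc=test,dc=org
uid: test1

dn: cn=Test2 User2,ou=people,dc=test,dc=org
uid: test2

dn: cn=ldap,ou=hosts,dc=test,dc=org
cn: ldap
member: uid=test1,ou=people,dc=test,dc=org
member: uid=test2,ou=people,dc=test,dc=org
"""

def parse_ldif(text):
    """Return {dn: {attr_lower: [values]}} for simple, unwrapped, non-base64 LDIF."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in attrs:
            entries[attrs["dn"][0]] = attrs
    return entries

def norm_dn(dn):
    """Loose DN normalisation (no escaped commas): lower-case, trimmed RDNs."""
    rdns = []
    for rdn in dn.split(","):
        attr, _, val = rdn.partition("=")
        rdns.append(f"{attr.strip().lower()}={' '.join(val.split()).lower()}")
    return ",".join(rdns)

def dangling_members(entries, group_dn, member_attr="member"):
    """Member values of group_dn that do not equal the DN of any entry."""
    known = {norm_dn(dn) for dn in entries}
    values = entries[group_dn].get(member_attr.lower(), [])
    return [m for m in values if norm_dn(m) not in known]

def users_by_uid(entries):
    """Map uid -> actual entry DN, i.e. what a member value would have to be."""
    return {a["uid"][0]: dn for dn, a in entries.items() if "uid" in a}

if __name__ == "__main__":
    e = parse_ldif(SAMPLE_LDIF)
    for m in dangling_members(e, "cn=ldap,ou=hosts,dc=test,dc=org"):
        uid = m.split(",")[0].partition("=")[2]
        print(f"{m}: no such entry; uid={uid} is at {users_by_uid(e).get(uid)}")
```

Both member values are reported, because the user entries are named by cn (cn=Test1 User1,...) while the group lists uid=...-style DNs.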