Re: Newbie question - How to do server based access control ?
>>>>> ""InfoNavigator" == "InfoNavigator <- Ldap" <ldap@infonavigator.be>> writes:
"InfoNavigator> Hi, we are looking into openldap as a way to
"InfoNavigator> provide single sign-on to our unix network
"InfoNavigator> I searched through the entire documentation, but
"InfoNavigator> there is one tricky question remaining
"InfoNavigator> Suppose I have several machines which all
"InfoNavigator> authenticate against the ldap server, how can I
"InfoNavigator> make sure that a user can login to server1, but
"InfoNavigator> not to server2
http://www.bayour.com/LDAPv3-HOWTO.html
From these URLs, you might find what you need...
http://www.bayour.com/openldap/pam_ldap.conf.txt
The 'pam_filter' line
http://www.bayour.com/openldap/slapd.conf.txt
The 'include /etc/ldap/schema/trust.schema' line
http://www.bayour.com/openldap/schemas/trust.schema
The actual schema
http://www.bayour.com/openldap/slapd.access.txt
My ACL file
--
Turbo __ _ Debian GNU Unix _IS_ user friendly - it's just
^^^^^ / /(_)_ __ _ ___ __ selective about who its friends are
/ / | | '_ \| | | \ \/ / Debian Certified Linux Developer
_ /// / /__| | | | | |_| |> < Turbo Fredriksson turbo@tripnet.se
\\\/ \____/_|_| |_|\__,_/_/\_\ Stockholm/Sweden