[Date Prev][Date Next] [Chronological] [Thread] [Top]

Linux authentication/authorization against OpenLDAP



I've configured several linux systems to authenticate against OpenLDAP,
but I was wondering if a finer degree of authorization is possible.  For
instance, I'd like to assign our administrators to several groups
("security", "admins", "network", etc) and grant access to some machines
only to certain groups.  I understand this can be done at the
application layer (the ssh.com SSH daemon we use includes some logic to
limit access by group), but I'd like this to be transparent to the
applications, since we use other remote access methods that also tie
into PAM.

Does this functionality exist, or I am going about this the entirely
wrong way?

Thanks!
Dave LaPorte

--
David LaPorte
dave@laportestyle.org