[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Restricting Logon permission

To: OpenLDAP-Software@OpenLDAP.org
Subject: Re: Restricting Logon permission
From: Daniel Davidson <danield@life.uiuc.edu>
Date: Thu, 6 Mar 2003 10:58:32 -0600
In-reply-to: <200303052259.34572.tsg@bugalux.com>
References: <200303052259.34572.tsg@bugalux.com>
User-agent: KMail/1.4.3

Thanks for the help, although I still have a few questions.

I found the host attribute in cosine.schema, however to get this to start 
working, dont I have to change something in nsswitch.conf?  If so, can you 
tell me what the line is supposed to be.

thanks again,

Dan


On Wednesday 05 March 2003 03:59 pm, tsg wrote:
> Среда 05 Март 2003 22:26, Wade Winright написал:
> > Can you utilize pam? If you are using Linux or Solaris, I believe this
> > would be the best way to implement this...
> >
> >
> > -----Original Message-----
> > From:	Daniel Davidson [mailto:danield@life.uiuc.edu]
> > Sent:	Wed 3/5/2003 1:04 PM
> > To:	OpenLDAP-Software@OpenLDAP.org
> > Cc:
> > Subject:	Restricting Logon permission
> > We are working on trying unifying our password database via openldap, and
> > I am looking for a way to restrict logon rights, so only certain people
> > can log onto some servers.  For example I do not want everyone to be able
> > to log onto a machine we use for testing applications before we make them
> > public, but it would be nice if we could use ldap for authentication.
> >
> > thanks for any help,
> >
> > Dan
>
> If You use PAM-LDAP & NSS-LDAP there is attribute "host" in pam-ldap
> schema, where You can list all hosts the User can log in.
> Sergios

Follow-Ups:
- Re: Restricting Logon permission
  - From: Daniel Davidson <danield@life.uiuc.edu>

References:
- Re: Restricting Logon permission
  - From: tsg <tsg@bugalux.com>

Prev by Date: RE: OpenLDAP in Production
Next by Date: SASL/EXTERNAL on ldapi://
Index(es):
- Chronological
- Thread