On 10/29/12 13:23 +0100, Simone Scremin wrote:
Hi all,
I'm in the process of learning the OpenLDAP authentication mechanics.
I'd need to know what is the best way to configure an host based
authentication system that allow to configure a per-user rule to include a
group of host to which the user is allowed to login.
In example:
user Bob needs to authenticate on systems:
sys01pra
sys02pre
sys03pra
sys03pre
some configuration on the LDAP server enable this hostnames for Bob with a
regular expression like:
sys0*pr*
Is it feasable?
Assuming that you will be using a PAM module on each host, the answer to
that question will depend on which PAM module you choose, and what
configuration it supports.
If that module supports placing a filter within the PAM configuration, then
'host=sys0*pr*' should work.