
PAM and LDAP ACL question




I'm having some difficulty configuring my LDAP ACL with pam_ldap and nss_ldap.

My goal is to allow access to the LDAP directory only to authentication processes and managers. In other words, I want to prohibit read access to the world while allowing authentication access and read/write access to certain manager accounts.

However, any time I try to limit read access, the authentication processes stop working.

My only ACL at present is in slapd.conf:

Access to dn="*.,dc=mysite,dc=com"
        by * read
        by * auth

and my nsswitch.conf has the following:

passwd: ldap files
shadow: ldap files
group: ldap files

As I said, I've tried many different configurations but can't avoid the * read access permission.

Thanks for any help with this issue.

John

