ldap authorization

Troy Knabe knabe at 4j.lane.edu
Wed Oct 10 21:34:35 UTC 2007 

So I have done this and restarted nscd and even rebooted, but still everyone with an account can access the server.  What I am I missing?

-Troy


-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com] On Behalf Of mups.cp
Sent: Wednesday, October 10, 2007 12:40 PM
To: General Red Hat Linux discussion list
Subject: Re: ldap authorization

First create a groupOfUniqueNames objectClass in your ldap and set
uniqueMember with the full dn for those users that should be allowed
access.
In /etc/ldap.conf
pam_groupdn cn=unixusers,ou=Groups,dc=domain,dc=com
Where unixusers is the group with the groupOfUniqueNames objectClass
you defined before.


On 10/10/07, Esquivel, Vicente <Esquivelv at uhd.edu> wrote:
> I have much interest on how to get pam_groupdn to work because I have
> been battling with it for a few days now with not hope in sight.
>
> Vince
>
> > -----Original Message-----
> > From: redhat-list-bounces at redhat.com
> > [mailto:redhat-list-bounces at redhat.com] On Behalf Of mups.cp
> > Sent: Wednesday, October 10, 2007 2:30 PM
> > To: General Red Hat Linux discussion list
> > Subject: Re: ldap authorization
> >
> > You coud use the pam_groupdn option.
> >
> > On 10/10/07, Troy Knabe <knabe at 4j.lane.edu> wrote:
> > > I am using Kerberos for authentication and ldap for
> > authorization.  But I want to limit the ldap users who can
> > login to the server to a specific group.
> > >
> > >
> > >
> > > Anyone have any perls of wisdom on what needs to be added
> > to the ldap.conf???
> > >
> > >
> > >
> > > Thanks
> > >
> > > -Troy
> > >
> > >
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> > mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> > >
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

More information about the redhat-list mailing list