PAM and LDAP ACL question


I'm having some difficulty configuring my LDAP ACL with pam_ldap and nss_ldap.

My goal is to allow access to the LDAP directory only to authentication processes and managers. In other words, I want to prohibit read access to the world while allowing authentication access and read/write access to certain manager accounts.

However, anytime I try to limit read access, the authentication processes stop working.

My only ACL at present is in slapd.conf:

Access to dn="*.,dc=mysite,dc=com"
        by * read
        by * auth

and my nsswitch.conf has the following:

passwd: ldap files
shadow: ldap files
group: ldap files

As I said, I've tried many different configurations but can't avoid the * read access permission.

Thanks for any help with this issue.

John
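
An added configuration sketch for the setup described above; it is not part of the original post. It has nss_ldap and pam_ldap bind as a dedicated read-only account instead of anonymously, so world read access can be dropped. Assumptions: OpenLDAP 2.2 or later ACL syntax, a client file at /etc/ldap.conf, and the hypothetical DNs cn=Manager and cn=nssproxy,ou=services under the poster's dc=mysite,dc=com suffix.

```conf
# --- slapd.conf on the LDAP server (OpenLDAP 2.2+ syntax assumed) ---
# slapd applies the first "by" clause that matches the requester, so in
# a list that starts with "by * read" nothing after it is ever consulted.
# Order the clauses from most specific to least specific.

# Password values: usable for bind, never readable.
access to attrs=userPassword
        by dn.exact="cn=Manager,dc=mysite,dc=com" write
        by self write
        by anonymous auth
        by * none

# Everything else under the suffix.
# cn=nssproxy is a hypothetical service account for the client libraries.
access to dn.subtree="dc=mysite,dc=com"
        by dn.exact="cn=Manager,dc=mysite,dc=com" write
        by dn.exact="cn=nssproxy,ou=services,dc=mysite,dc=com" read
        by self read
        by anonymous auth
        by * none

# --- /etc/ldap.conf on each client (read by pam_ldap and nss_ldap) ---
# nss_ldap runs inside ordinary user processes, so this file is readable
# by local users. Give the account read access only, as above.
base dc=mysite,dc=com
binddn cn=nssproxy,ou=services,dc=mysite,dc=com
# Placeholder value, replace with the service account's password.
bindpw CHANGE_ME_PLACEHOLDER
```

To check the result, `getent passwd` on a client should still list the LDAP accounts, while an anonymous `ldapsearch -x -b dc=mysite,dc=com` should return no entries.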

