When you say connect, do you mean locally or remotely?

On 10/10/07, Troy Knabe <knabe@xxxxxxxxxxx> wrote:
> # Group to enforce membership of
> pam_groupdn cn=troy_test,ou=Groups,dc=company,dc=com ## Yes, I replaced
> this with my basedn)
>
> # Group member attribute
> pam_member_attribute uniquemember
>
>
> I am the only member of the group, and uniqueMember is the attribute.
>
> -Troy
>
> Esquivel, Vicente wrote:
> > For me I only had to make sure that the correct pam_member_attribute was
> > set inside the ldap.conf file.
> >
> > Vince
> >
> >> -----Original Message-----
> >> From: redhat-list-bounces@xxxxxxxxxx
> >> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Troy Knabe
> >> Sent: Wednesday, October 10, 2007 4:35 PM
> >> To: General Red Hat Linux discussion list
> >> Subject: RE: ldap authorization
> >>
> >> So I have done this and restarted nscd and even rebooted, but
> >> still everyone with an account can access the server. What
> >> am I missing?
> >>
> >> -Troy
> >>
> >>
> >> -----Original Message-----
> >> From: redhat-list-bounces@xxxxxxxxxx
> >> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of mups.cp
> >> Sent: Wednesday, October 10, 2007 12:40 PM
> >> To: General Red Hat Linux discussion list
> >> Subject: Re: ldap authorization
> >>
> >> First create a groupOfUniqueNames objectClass in your ldap
> >> and set uniqueMember with the full dn for those users that
> >> should be allowed access.
> >> In /etc/ldap.conf
> >> pam_groupdn cn=unixusers,ou=Groups,dc=domain,dc=com
> >> Where unixusers is the group with the groupOfUniqueNames
> >> objectClass you defined before.
> >>
> >>
> >> On 10/10/07, Esquivel, Vicente <Esquivelv@xxxxxxx> wrote:
> >>> I have much interest in how to get pam_groupdn to work because I have
> >>> been battling with it for a few days now with no hope in sight.
> >>>
> >>> Vince
> >>>
> >>>> -----Original Message-----
> >>>> From: redhat-list-bounces@xxxxxxxxxx
> >>>> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of mups.cp
> >>>> Sent: Wednesday, October 10, 2007 2:30 PM
> >>>> To: General Red Hat Linux discussion list
> >>>> Subject: Re: ldap authorization
> >>>>
> >>>> You could use the pam_groupdn option.
> >>>>
> >>>> On 10/10/07, Troy Knabe <knabe@xxxxxxxxxxx> wrote:
> >>>>> I am using Kerberos for authentication and ldap for
> >>>>> authorization. But I want to limit the ldap users who can login to
> >>>>> the server to a specific group.
> >>>>>
> >>>>>
> >>>>> Anyone have any pearls of wisdom on what needs to be added
> >>>>> to the ldap.conf???
> >>>>>
> >>>>>
> >>>>> Thanks
> >>>>>
> >>>>> -Troy

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
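
Added example, not part of the thread or of any poster's configuration: a shell audit of the ldap.conf directives discussed above, run against constructed sample files. It relies on pam_ldap applying pam_groupdn in its account phase (so the PAM stack needs an account line for pam_ldap.so even when Kerberos handles authentication) and assumes a directive's value runs to the end of the line; the names conf_value and audit_groupdn are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): audit whether pam_groupdn can take effect.
# All file contents below are constructed samples.

# Print a directive's value from an ldap.conf-style file (first match wins).
conf_value() {  # $1=file  $2=keyword
    awk -v k="$2" 'NF >= 2 && tolower($1) == tolower(k) {
        sub(/^[ \t]*[^ \t]+[ \t]+/, ""); sub(/[ \t]+$/, ""); print; exit }' "$1"
}

audit_groupdn() {  # $1=ldap.conf path  $2=PAM service file path
    rc=0
    dn=$(conf_value "$1" pam_groupdn)
    attr=$(conf_value "$1" pam_member_attribute)
    [ -n "$dn" ] || { echo "FAIL pam_groupdn not set"; rc=1; }
    # Assumption: the value runs to end of line, so a trailing "# note" becomes part of the DN.
    case $dn in *"#"*) echo "FAIL pam_groupdn value contains '#'"; rc=1 ;; esac
    [ -n "$attr" ] || { echo "FAIL pam_member_attribute not set"; rc=1; }
    # pam_ldap applies the group check in its account phase, so the stack needs such a line.
    grep -Eq '^[[:space:]]*account[[:space:]].*pam_ldap\.so' "$2" ||
        { echo "FAIL no account line for pam_ldap.so"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK group=$dn attr=$attr"
    return "$rc"
}

# Constructed sample files: two ldap.conf variants and two PAM stacks.
demo_dir=$(mktemp -d)
cat > "$demo_dir/ldap.conf" <<'EOF'
# Group to enforce membership of
pam_groupdn cn=troy_test,ou=Groups,dc=company,dc=com
# Group member attribute
pam_member_attribute uniquemember
EOF
cat > "$demo_dir/ldap-inline.conf" <<'EOF'
pam_groupdn cn=troy_test,ou=Groups,dc=company,dc=com ## my group
pam_member_attribute uniquemember
EOF
printf 'auth sufficient pam_krb5.so\naccount required pam_unix.so\n' > "$demo_dir/pam-krb5-only"
printf 'account required pam_unix.so\naccount required pam_ldap.so\n' > "$demo_dir/pam-with-ldap"

audit_groupdn "$demo_dir/ldap.conf" "$demo_dir/pam-krb5-only" || true
audit_groupdn "$demo_dir/ldap-inline.conf" "$demo_dir/pam-with-ldap" || true
audit_groupdn "$demo_dir/ldap.conf" "$demo_dir/pam-with-ldap"
```

On a real host the arguments would be /etc/ldap.conf and the PAM service file in use, for example /etc/pam.d/system-auth.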