Re: ldap authorization

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



When you say connect you refer to local or remotely?


On 10/10/07, Troy Knabe <knabe@xxxxxxxxxxx> wrote:
> # Group to enforce membership of
> pam_groupdn cn=troy_test,ou=Groups,dc=company,dc=com ## Yes, I replaced
> this with my basedn)
>
> # Group member attribute
> pam_member_attribute uniquemember
>
>
> I am the only member of the group, and uniqueMember is the attribute.
>
> -Troy
>
> Esquivel, Vicente wrote:
> > For me I only had to make sure that the correct pam_member_attribute was
> > set inside the ldap.conf file.
> >
> > Vince
> >
> >> -----Original Message-----
> >> From: redhat-list-bounces@xxxxxxxxxx
> >> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Troy Knabe
> >> Sent: Wednesday, October 10, 2007 4:35 PM
> >> To: General Red Hat Linux discussion list
> >> Subject: RE: ldap authorization
> >>
> >> So I have done this and restarted nscd and even rebooted, but
> >> still everyone with an account can access the server.  What I
> >> am I missing?
> >>
> >> -Troy
> >>
> >>
> >> -----Original Message-----
> >> From: redhat-list-bounces@xxxxxxxxxx
> >> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of mups.cp
> >> Sent: Wednesday, October 10, 2007 12:40 PM
> >> To: General Red Hat Linux discussion list
> >> Subject: Re: ldap authorization
> >>
> >> First create a groupOfUniqueNames objectClass in your ldap
> >> and set uniqueMember with the full dn for those users that
> >> should be allowed access.
> >> In /etc/ldap.conf
> >> pam_groupdn cn=unixusers,ou=Groups,dc=domain,dc=com
> >> Where unixusers is the group with the groupOfUniqueNames
> >> objectClass you defined before.
> >>
> >>
> >> On 10/10/07, Esquivel, Vicente <Esquivelv@xxxxxxx> wrote:
> >>> I have much interest on how to get pam_groupdn to work
> >> because I have
> >>> been battling with it for a few days now with not hope in sight.
> >>>
> >>> Vince
> >>>
> >>>> -----Original Message-----
> >>>> From: redhat-list-bounces@xxxxxxxxxx
> >>>> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of mups.cp
> >>>> Sent: Wednesday, October 10, 2007 2:30 PM
> >>>> To: General Red Hat Linux discussion list
> >>>> Subject: Re: ldap authorization
> >>>>
> >>>> You coud use the pam_groupdn option.
> >>>>
> >>>> On 10/10/07, Troy Knabe <knabe@xxxxxxxxxxx> wrote:
> >>>>> I am using Kerberos for authentication and ldap for
> >>>> authorization.  But I want to limit the ldap users who
> >> can login to
> >>>> the server to a specific group.
> >>>>>
> >>>>>
> >>>>> Anyone have any perls of wisdom on what needs to be added
> >>>> to the ldap.conf???
> >>>>>
> >>>>>
> >>>>> Thanks
> >>>>>
> >>>>> -Troy
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> redhat-list mailing list
> >>>>> unsubscribe
> >>>> mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> >>>>> https://www.redhat.com/mailman/listinfo/redhat-list
> >>>>>
> >>>> --
> >>>> redhat-list mailing list
> >>>> unsubscribe
> >>>> mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> >>>> https://www.redhat.com/mailman/listinfo/redhat-list
> >>>>
> >>> --
> >>> redhat-list mailing list
> >>> unsubscribe
> >> mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> >>> https://www.redhat.com/mailman/listinfo/redhat-list
> >>>
> >> --
> >> redhat-list mailing list
> >> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
> >>
> >> --
> >> redhat-list mailing list
> >> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
> >>
> >
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux