[Freeipa-users] nsAccountLock attribute
Jan Cholasta
jcholast at redhat.com
Wed Apr 1 05:36:27 UTC 2015
Hi,
Dne 1.4.2015 v 07:09 Prashant Bapat napsal(a):
> Hi ,
>
> Is there a way of making the nsAccountLock attribute (User
> enable/disable) to be anonymously readable ?
>
> I'm trying to implement a SSH key lookup sshd authorized key command
> script. Based on this attribute the user will be allowed to login. I
> need this to be anonymously readable.
>
> Tried setting the permissions but it does not work.
>
> Any other ideas on this ?
If your SSH server is a properly configured IPA host (i.e. you had run
ipa-client-install or ipa-server-install on it), rejecting locked user
login should work automatically, without having to configure anything.
>
> Thanks for your help.
>
> --Prashant
>
>
--
Jan Cholasta
More information about the Freeipa-users
mailing list