ldap authorization
Esquivel, Vicente
Esquivelv at uhd.edu
Wed Oct 10 21:48:49 UTC 2007
What does your pam system-auth look like for the account statements?
> -----Original Message-----
> From: redhat-list-bounces at redhat.com
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Troy Knabe
> Sent: Wednesday, October 10, 2007 4:40 PM
> To: General Red Hat Linux discussion list
> Subject: Re: ldap authorization
>
> # Group to enforce membership of
> pam_groupdn cn=troy_test,ou=Groups,dc=company,dc=com ## Yes,
> I replaced this with my basedn)
>
> # Group member attribute
> pam_member_attribute uniquemember
>
>
> I am the only member of the group, and uniqueMember is the attribute.
>
> -Troy
>
> Esquivel, Vicente wrote:
> > For me I only had to make sure that the correct
> pam_member_attribute
> > was set inside the ldap.conf file.
> >
> > Vince
> >
> >> -----Original Message-----
> >> From: redhat-list-bounces at redhat.com
> >> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Troy Knabe
> >> Sent: Wednesday, October 10, 2007 4:35 PM
> >> To: General Red Hat Linux discussion list
> >> Subject: RE: ldap authorization
> >>
> >> So I have done this and restarted nscd and even rebooted,
> but still
> >> everyone with an account can access the server. What I am
> I missing?
> >>
> >> -Troy
> >>
> >>
> >> -----Original Message-----
> >> From: redhat-list-bounces at redhat.com
> >> [mailto:redhat-list-bounces at redhat.com] On Behalf Of mups.cp
> >> Sent: Wednesday, October 10, 2007 12:40 PM
> >> To: General Red Hat Linux discussion list
> >> Subject: Re: ldap authorization
> >>
> >> First create a groupOfUniqueNames objectClass in your ldap and set
> >> uniqueMember with the full dn for those users that should
> be allowed
> >> access.
> >> In /etc/ldap.conf
> >> pam_groupdn cn=unixusers,ou=Groups,dc=domain,dc=com
> >> Where unixusers is the group with the groupOfUniqueNames
> objectClass
> >> you defined before.
> >>
> >>
> >> On 10/10/07, Esquivel, Vicente <Esquivelv at uhd.edu> wrote:
> >>> I have much interest on how to get pam_groupdn to work
> >> because I have
> >>> been battling with it for a few days now with not hope in sight.
> >>>
> >>> Vince
> >>>
> >>>> -----Original Message-----
> >>>> From: redhat-list-bounces at redhat.com
> >>>> [mailto:redhat-list-bounces at redhat.com] On Behalf Of mups.cp
> >>>> Sent: Wednesday, October 10, 2007 2:30 PM
> >>>> To: General Red Hat Linux discussion list
> >>>> Subject: Re: ldap authorization
> >>>>
> >>>> You coud use the pam_groupdn option.
> >>>>
> >>>> On 10/10/07, Troy Knabe <knabe at 4j.lane.edu> wrote:
> >>>>> I am using Kerberos for authentication and ldap for
> >>>> authorization. But I want to limit the ldap users who
> >> can login to
> >>>> the server to a specific group.
> >>>>>
> >>>>>
> >>>>> Anyone have any perls of wisdom on what needs to be added
> >>>> to the ldap.conf???
> >>>>>
> >>>>>
> >>>>> Thanks
> >>>>>
> >>>>> -Troy
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> redhat-list mailing list
> >>>>> unsubscribe
> >>>> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >>>>> https://www.redhat.com/mailman/listinfo/redhat-list
> >>>>>
> >>>> --
> >>>> redhat-list mailing list
> >>>> unsubscribe
> >>>> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >>>> https://www.redhat.com/mailman/listinfo/redhat-list
> >>>>
> >>> --
> >>> redhat-list mailing list
> >>> unsubscribe
> >> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >>> https://www.redhat.com/mailman/listinfo/redhat-list
> >>>
> >> --
> >> redhat-list mailing list
> >> unsubscribe
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
> >>
> >> --
> >> redhat-list mailing list
> >> unsubscribe
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
> >>
> >
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list