ldap authorization
mups.cp
mups.cp at gmail.com
Wed Oct 10 21:08:02 UTC 2007
You'll need set ldap in /etc/nsswitch.conf for passwd shadow and group
and set pam_ldap.so for auth password and session in system-auth.
There are other thing you could include in your system-auth depends on
the kind of setup you need for you environment, such as cracklib for
stronger passwords, sync windows and linux passwords, and so on.
Most of this could be done with few step using authconfig, but if you
after manually change system-auth, never use authconfig again because
you'll lost your customizations.
On 10/10/07, Esquivel, Vicente <Esquivelv at uhd.edu> wrote:
> Is there anything that needs to be done to the system-auth pam module to
> allow this to work correctly?
>
>
> > -----Original Message-----
> > From: redhat-list-bounces at redhat.com
> > [mailto:redhat-list-bounces at redhat.com] On Behalf Of mups.cp
> > Sent: Wednesday, October 10, 2007 2:40 PM
> > To: General Red Hat Linux discussion list
> > Subject: Re: ldap authorization
> >
> > First create a groupOfUniqueNames objectClass in your ldap
> > and set uniqueMember with the full dn for those users that
> > should be allowed access.
> > In /etc/ldap.conf
> > pam_groupdn cn=unixusers,ou=Groups,dc=domain,dc=com
> > Where unixusers is the group with the groupOfUniqueNames
> > objectClass you defined before.
> >
> >
> > On 10/10/07, Esquivel, Vicente <Esquivelv at uhd.edu> wrote:
> > > I have much interest on how to get pam_groupdn to work
> > because I have
> > > been battling with it for a few days now with not hope in sight.
> > >
> > > Vince
> > >
> > > > -----Original Message-----
> > > > From: redhat-list-bounces at redhat.com
> > > > [mailto:redhat-list-bounces at redhat.com] On Behalf Of mups.cp
> > > > Sent: Wednesday, October 10, 2007 2:30 PM
> > > > To: General Red Hat Linux discussion list
> > > > Subject: Re: ldap authorization
> > > >
> > > > You coud use the pam_groupdn option.
> > > >
> > > > On 10/10/07, Troy Knabe <knabe at 4j.lane.edu> wrote:
> > > > > I am using Kerberos for authentication and ldap for
> > > > authorization. But I want to limit the ldap users who
> > can login to
> > > > the server to a specific group.
> > > > >
> > > > >
> > > > >
> > > > > Anyone have any perls of wisdom on what needs to be added
> > > > to the ldap.conf???
> > > > >
> > > > >
> > > > >
> > > > > Thanks
> > > > >
> > > > > -Troy
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > redhat-list mailing list
> > > > > unsubscribe
> > > > mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > > > https://www.redhat.com/mailman/listinfo/redhat-list
> > > > >
> > > >
> > > > --
> > > > redhat-list mailing list
> > > > unsubscribe
> > > > mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > > https://www.redhat.com/mailman/listinfo/redhat-list
> > > >
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> > mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> > >
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list