ldap authorization

mups.cp mups.cp at gmail.com
Thu Oct 11 01:34:30 UTC 2007 

getent passwd returns the desired users ?

On 10/10/07, mups. cp <mups.cp at gmail.com> wrote:
> When you say connect you refer to local or remotely?
>
>
> On 10/10/07, Troy Knabe <knabe at 4j.lane.edu> wrote:
> > # Group to enforce membership of
> > pam_groupdn cn=troy_test,ou=Groups,dc=company,dc=com ## Yes, I replaced
> > this with my basedn)
> >
> > # Group member attribute
> > pam_member_attribute uniquemember
> >
> >
> > I am the only member of the group, and uniqueMember is the attribute.
> >
> > -Troy
> >
> > Esquivel, Vicente wrote:
> > > For me I only had to make sure that the correct pam_member_attribute was
> > > set inside the ldap.conf file.
> > >
> > > Vince
> > >
> > >> -----Original Message-----
> > >> From: redhat-list-bounces at redhat.com
> > >> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Troy Knabe
> > >> Sent: Wednesday, October 10, 2007 4:35 PM
> > >> To: General Red Hat Linux discussion list
> > >> Subject: RE: ldap authorization
> > >>
> > >> So I have done this and restarted nscd and even rebooted, but
> > >> still everyone with an account can access the server.  What I
> > >> am I missing?
> > >>
> > >> -Troy
> > >>
> > >>
> > >> -----Original Message-----
> > >> From: redhat-list-bounces at redhat.com
> > >> [mailto:redhat-list-bounces at redhat.com] On Behalf Of mups.cp
> > >> Sent: Wednesday, October 10, 2007 12:40 PM
> > >> To: General Red Hat Linux discussion list
> > >> Subject: Re: ldap authorization
> > >>
> > >> First create a groupOfUniqueNames objectClass in your ldap
> > >> and set uniqueMember with the full dn for those users that
> > >> should be allowed access.
> > >> In /etc/ldap.conf
> > >> pam_groupdn cn=unixusers,ou=Groups,dc=domain,dc=com
> > >> Where unixusers is the group with the groupOfUniqueNames
> > >> objectClass you defined before.
> > >>
> > >>
> > >> On 10/10/07, Esquivel, Vicente <Esquivelv at uhd.edu> wrote:
> > >>> I have much interest on how to get pam_groupdn to work
> > >> because I have
> > >>> been battling with it for a few days now with not hope in sight.
> > >>>
> > >>> Vince
> > >>>
> > >>>> -----Original Message-----
> > >>>> From: redhat-list-bounces at redhat.com
> > >>>> [mailto:redhat-list-bounces at redhat.com] On Behalf Of mups.cp
> > >>>> Sent: Wednesday, October 10, 2007 2:30 PM
> > >>>> To: General Red Hat Linux discussion list
> > >>>> Subject: Re: ldap authorization
> > >>>>
> > >>>> You coud use the pam_groupdn option.
> > >>>>
> > >>>> On 10/10/07, Troy Knabe <knabe at 4j.lane.edu> wrote:
> > >>>>> I am using Kerberos for authentication and ldap for
> > >>>> authorization.  But I want to limit the ldap users who
> > >> can login to
> > >>>> the server to a specific group.
> > >>>>>
> > >>>>>
> > >>>>> Anyone have any perls of wisdom on what needs to be added
> > >>>> to the ldap.conf???
> > >>>>>
> > >>>>>
> > >>>>> Thanks
> > >>>>>
> > >>>>> -Troy
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>> --
> > >>>>> redhat-list mailing list
> > >>>>> unsubscribe
> > >>>> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > >>>>> https://www.redhat.com/mailman/listinfo/redhat-list
> > >>>>>
> > >>>> --
> > >>>> redhat-list mailing list
> > >>>> unsubscribe
> > >>>> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > >>>> https://www.redhat.com/mailman/listinfo/redhat-list
> > >>>>
> > >>> --
> > >>> redhat-list mailing list
> > >>> unsubscribe
> > >> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > >>> https://www.redhat.com/mailman/listinfo/redhat-list
> > >>>
> > >> --
> > >> redhat-list mailing list
> > >> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > >> https://www.redhat.com/mailman/listinfo/redhat-list
> > >>
> > >> --
> > >> redhat-list mailing list
> > >> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > >> https://www.redhat.com/mailman/listinfo/redhat-list
> > >>
> > >
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
>

More information about the redhat-list mailing list