Server authentication
Jorge Delacruz
alterthegrid at yahoo.com
Thu Oct 11 20:35:10 MST 2007
Excellent! Thank you!
JD
--- "Jeremy C. Reed" <reed at reedmedia.net> wrote:
> On Thu, 11 Oct 2007, Jorge Delacruz wrote:
>
> > Anyone ever hear of such a module or means that
> will reject logins if
> > a user is not in the right group? The users are
> authenticated against
> > LDAP, not local files. This is an access control
> (authorization) issue,
> > not an authentication issue.
>
> If you are using ssh server for logins, have a look
> at OpenSSH's
> DenyGroups and AllowGroups configurations. OpenSSH
> uses getpwnam(3) to get
> the details for the user to-be logged in.
>
> So use nsswitch to use ldap for group (and other
> databases). Also setup
> PAM to use pam_ldap.so also.
>
> Jeremy C. Reed
> ---------------------------------------------------
> PLUG-discuss mailing list -
> PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail
> settings:
>
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
Jorge Delacruz
____________________________________________________________________________________
Pinpoint customers who are looking for what you sell.
http://searchmarketing.yahoo.com/
More information about the PLUG-discuss
mailing list