Excellent!  Thank you!

JD

--- "Jeremy C. Reed" <reed@reedmedia.net> wrote:

> On Thu, 11 Oct 2007, Jorge Delacruz wrote:
> 
> >   Anyone ever hear of such a module or means that
> will reject logins if 
> > a user is not in the right group?  The users are
> authenticated against 
> > LDAP, not local files.  This is an access control
> (authorization) issue, 
> > not an authentication issue.
> 
> If you are using ssh server for logins, have a look
> at OpenSSH's 
> DenyGroups and AllowGroups configurations. OpenSSH
> uses getpwnam(3) to get 
> the details for the user to-be logged in.
> 
> So use nsswitch to use ldap for group (and other
> databases). Also setup 
> PAM to use pam_ldap.so also.
> 
>   Jeremy C. Reed
> ---------------------------------------------------
> PLUG-discuss mailing list -
> PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail
> settings:
>
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> 


Jorge Delacruz


       
____________________________________________________________________________________
Pinpoint customers who are looking for what you sell. 
http://searchmarketing.yahoo.com/

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss