nss-pam-ldapd authorization only on rhel6
[Date Prev][Date Next] [Thread Prev][Thread Next]nss-pam-ldapd authorization only on rhel6
- From: Subu Ayyagari <subu.ayyagari [at] gmail.com>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nss-pam-ldapd authorization only on rhel6
- Date: Sun, 24 Jul 2011 01:16:57 -0400
Hi,
Looking for a solution that will allow host access based on filter ( pam_authz_search ),
but still be able to resolve passwd map for users not allowed to login.
1) Do not want to use PAM as there might be access methods that are not pam-enabled
Tried below config to force /bin/false on user not having access to the host, but did not work
# Host Access
base passwd ou=passwd,dc=example,dc=com
filter passwd (objetclass=posixaccount)(accessattrib=1234)
# Other user passwd map records are visible but /bin/false
base passwd ou=passwd,dc=example,dc=com
map passwd loginshell "/bin/false"
2) If PAM is the only solution for this use-case, does anyone have a sample config
for RHEL6 to provide PAM Based Authorization Only ?
We use kerberos for authentication.
thanks
- subu
-- To unsubscribe send an email to nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see http://lists.arthurdejong.org/nss-pam-ldapd-users
- nss-pam-ldapd authorization only on rhel6, Subu Ayyagari
- Prev by Date: Re: Request Attribute lists and maps
- Next by Date: Issue - Passwd maps in multiple OUs
- Previous by thread: Re: Request Attribute lists and maps
- Next by thread: Issue - Passwd maps in multiple OUs