Re: nslcd feature request (combined pam_authz_search)

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nss-pam-ldapd-users <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: nslcd feature request (combined pam_authz_search)
Date: Fri, 04 May 2012 15:41:05 +0200

On Tue, 2012-04-24 at 00:11 +0400, Lior Goikhburg wrote:
> Well, I though the ldap search can be specified for a single object (I
> first search the posixAccount objects and then server object).
> I've also made a mistake in the description of the situation:
> The idea is that all of the conditions need to return true so the user
> can be granted access.
> 
> The user has to be having the host attribute with the right hostname
> AND that very host has to be enabled.

In SVN, I've added support for specifying multiple pam_authz_search
options. All searches should at least return one entry for the
authorisation to succeed. This should be part of the next 0.8 release.

The change is here:
http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1679&view=revision

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

nslcd feature request (combined pam_authz_search), Lior Goikhburg
- Re: nslcd feature request (combined pam_authz_search), Arthur de Jong
  - Re: nslcd feature request (combined pam_authz_search), Lior Goikhburg
    - Re: nslcd feature request (combined pam_authz_search), Arthur de Jong

Prev by Date: Re: nss-ldapd-0.6.11 on RedHat
Next by Date: Local users
Previous by thread: Re: nslcd feature request (combined pam_authz_search)
Next by thread: nss-ldapd-0.6.11 on RedHat