Thanks Michael 

I could not see a specific config settings on ldap.conf which was shown in the document. Basically I want to add another level of authentication where I can configure my host's ldap.conf to reflect which user/groups can be allowed to access a specific host. 

I am not able to find the correct syntax which needs to be entered in host's ldap.conf file

Please advise when you get a chance.



On Wed, Oct 30, 2013 at 10:12 AM, Michael Proto <> wrote:
Try this:

It talks about RedHat Directory Server but you can skip that part and go straight to the "Populating the Directory" portion and go from there. It mentions using NetGroups and PAM to facilitate access to systems based on group membership.


On Wed, Oct 30, 2013 at 12:31 PM, Dheeraj Khanna <> wrote:

I wanted to find if I can add a host based authentication, here is my setup.

Regular LDAP DB , I use group and users and associate permissions to users based on groups. What I want to achieve is this:

If a User A is a member of "Group A" and has access to "hostsA" allow else deny, this will allow me to limit access to certain server types based on user groups. I think we can define this in /etc/ldap.conf but I could not find find the right syntax to add hosts in this config file.

Question: I do not know how to add this ou called "hostaccess", I used a GUI portal called Apache Directory Studio to add/delete users and groups.

If some one knows how to add hosts in LDAP and be able t map groups and users to it that would greatly help me.