Or you can create your own Aux. object class that includes the host attribute then you just have to modify the ldap.conf for the machine to restrict user authentication.
- Adam
On Thu, 2009-12-03 at 10:48 -0300, Jarbas Peixoto JĂșnior wrote:
If you are using ssh and pam can be done like this:
# tail /etc/ssh/sshd_config
# Allow client to pass locale environment variables AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
# Restringir acesso ao grupo local 'suporte' e a grupos LDAP AllowGroups suporte "SSH UDSL"
where "SSH UDSL" is a Group in LDAP, and "suporte" is a local group.
2009/12/3 Serge Fonville serge.fonville@gmail.com:
Hi,
While setting up an LDAP server. I noticed that it is not possible to add a host attribute to a posixGroup.
Is there a way to limit a user what host they can logon to based on their group membership?
Thanks in advance
Regards,
Serge Fonville
-- http://www.sergefonville.nl
Convince Google!! They need to support Adsense over SSL https://www.google.com/adsense/support/bin/answer.py?hl=en&answer=10528 http://www.google.com/support/forum/p/AdSense/thread?tid=1884bc9310d9f923&am...