Hi,
I am just storing the user-related information in the directory, e.g. my .ldif file contents are as follows:
dn: uid=ldap_5,ou=People,dc=dc,dc=com
uid: ldap_5
cn: ldap_5
sn: ldap_5
mail: ldap_5@dc.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
shadowLastChange: 13998
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 513
gidNumber: 513
homeDirectory: /lustre/home/ldap_5
On Mon, Nov 21, 2011 at 12:05 PM, Jayavant Patil <jayavant.patil82@gmail.com> wrote:
Hi,
I want to restrict login access to some selected client nodes (by default, OpenLDAP allows user access to all client nodes). I have googled for this and tried many different configurations like the host attribute, the hostObject class, etc., but failed to get the required result.
On Mon, Nov 21, 2011 at 11:47 AM, Bill MacAllister <whm@stanford.edu> wrote:
--On Monday, November 21, 2011 11:06:21 AM +0530 Jayavant Patil <jayavant.patil82@gmail.com> wrote:
Hi,
I am using openldap-2.4.19-4 on a Fedora 12 machine. My question is as follows:
How to restrict a user's access to some client nodes?
Please explain in detail.
It is not clear what you want to do. You need to provide more details before you will get the answer that you want.
For example, if you just want to restrict access to the directory from some nodes, why not use iptables?
If you are talking about restricting login access to some Linux nodes using PAM, this is probably a better question for a PAM list. Of course, there will be folks on this list that can answer that question as well, but not without knowing what you are storing in your directory.
Bill
--
Bill MacAllister Infrastructure Delivery Group, Stanford University
--
Thanks & Regards, Jayavant Ningoji Patil +91 9923536030.