Hi,
 
   I am just storing the user related information in the directory.
   e.g.
   My .ldif file contents are as follows:

   dn: uid=ldap_5,ou=People,dc=dc,dc=com
uid: ldap_5
cn: ldap_5
sn: ldap_5
mail: ldap_5@dc.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
shadowLastChange: 13998
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 513
gidNumber: 513
homeDirectory: /lustre/home/ldap_5


On Mon, Nov 21, 2011 at 12:05 PM, Jayavant Patil <jayavant.patil82@gmail.com> wrote:
Hi,

  I want to restrict login access to some selected client nodes (by default, openldap allows user access to all client nodes). I have googled for this, tried many different configurations like host attribute,hostObject class etc. but failed to get the required.


On Mon, Nov 21, 2011 at 11:47 AM, Bill MacAllister <whm@stanford.edu> wrote:


--On Monday, November 21, 2011 11:06:21 AM +0530 Jayavant Patil <jayavant.patil82@gmail.com> wrote:

Hi,

  I am using openldap-2.4.19-4 on fedora 12 machine. My question is as
follows:

  How to restrict a user access to some client nodes?

  Please, explain in detail.

It is not clear what you want to do.  You need to provide more details
before you will get the answer that you want.

For example, if you just want to restrict access to the directory from
some nodes, why not use iptables.

If you are talking about restricting login access to some linux nodes
using PAM, this is probably a better question for a PAM list.  Of course,
there will be folks on this list that can answer that question as well,
but not without knowing what you are storing in your directory.

Bill


--

Bill MacAllister
Infrastructure Delivery Group, Stanford University




--

Thanks & Regards,
Jayavant Ningoji Patil
+91 9923536030.




--

Thanks & Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.