Hi,
I am using an LDAP server for authentication and logging into a machine.
Now I want the user to not be allowed to log into any machine if they are already logged into one machine using that LDAP server for login and authentication.
This means there should not be any simultaneous logins for the same user. Is this possible using LDAP or not?
Waiting for the reply. Thanks in advance.
Regards.
Praveen Kumar wrote:
Hi,
I am using an LDAP server for authentication and logging into a machine.
Now I want the user to not be allowed to log into any machine if they are already logged into one machine using that LDAP server for login and authentication.
This means there should not be any simultaneous logins for the same user. Is this possible using LDAP or not?
I don't think this belongs to LDAP (or to OpenLDAP). In fact, LDAP can provide authentication services, but how, where and when a user is actually logged in to what (a machine, an application or whatever) is a matter of system-wide resource access policy, which, with respect to a DSA, is an application (a client), although a user would probably see it as a server. You could, of course, design a layer that keeps track of the fact that authentication requests came in for a given user and related to a given resource, and based on that, deny further access based on a specific policy. OpenLDAP supports this by letting you design and implement your own overlay to solve your specific problem.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Fax: +39 0382 476497
Email: ando@sys-net.it
-----------------------------------
Praveen Kumar writes:
I am using an LDAP server for authentication and logging into a machine.
Now I want the user to not be allowed to log into any machine if they are already logged into one machine using that LDAP server for login and authentication.
This means there should not be any simultaneous logins for the same user. Is this possible using LDAP or not?
Not by itself. The machine uses LDAP simply to check if the username and password are correct, and perhaps to get his account info. That done, it likely terminates that LDAP session, though the user stays logged in on the machine. Nothing informs the LDAP server when the user logs out from the machine, so the LDAP server doesn't know when to start accepting logins for that user on that machine again.
So you need to solve this on the machine the user logs in on.
Though I suppose it might be possible to use a Single Sign-On service in reverse somehow on your network. SSO - like Kerberos, which LDAP supports via SASL - lets you log in just once on your network, and then logins elsewhere make use of tickets from the first login instead of asking for a certificate again.
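As an added illustration of the "layer that keeps track" both replies describe (example code, not from the thread or from OpenLDAP): a machine-side policy that records one active login per user, refuses a second concurrent login from another host, and treats each login as a lease with a timeout, so a host that crashes and never reports the logout (the gap Hallvard points out) cannot lock the user out forever. The LDAP bind itself is assumed to happen before this check, on the login host; the user and host names in the comments are constructed.

```python
import time
from dataclasses import dataclass
from typing import Optional


@dataclass
class Session:
    host: str          # host the user is currently logged in on
    expires_at: float  # lease end; must be renewed by the host


class ConcurrentLoginPolicy:
    """Enforce 'one active login per user' on the login host side.

    The LDAP server only answers 'is this password correct?' and is never
    told when the user logs out, so the host must report login, renewal
    and logout here. The lease handles hosts that die without a logout.
    """

    def __init__(self, lease_seconds: float = 300.0, clock=time.monotonic):
        self.lease_seconds = lease_seconds
        self.clock = clock          # injectable for deterministic tests
        self.active: dict[str, Session] = {}

    def _live(self, user: str) -> Optional[Session]:
        s = self.active.get(user)
        if s is None:
            return None
        if s.expires_at <= self.clock():
            del self.active[user]   # lease expired: treat as logged out
            return None
        return s

    def login(self, user: str, host: str) -> bool:
        """Return True if the login may proceed; record the new lease."""
        cur = self._live(user)
        if cur is not None and cur.host != host:
            return False            # already logged in on another host
        self.active[user] = Session(host, self.clock() + self.lease_seconds)
        return True

    def renew(self, user: str, host: str) -> bool:
        """Heartbeat from the host that owns the session; extends the lease."""
        cur = self._live(user)
        if cur is None or cur.host != host:
            return False
        cur.expires_at = self.clock() + self.lease_seconds
        return True

    def logout(self, user: str, host: str) -> None:
        cur = self._live(user)
        if cur is not None and cur.host == host:
            del self.active[user]
```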