François Mehault wrote:
I use the primitive pam_check_host_attr in pam_ldap to filter my users.
In OpenLDAP I add the attribute host for each users. I can write « host
= hostlab.netplus.fr (fqdn) » to allow just one host for my user, or «
host = * » to allow all hosts. But if I write host = 192.168.57.48 (the
IP of hostlab.netplus.fr), my user is not able to authenticate on the
host, Why I have to write the FQDN and not the IP address. Isn’t
possible ? And Is it possible to use regexp with the host attribute?
Like host = 192.168.45.* ?
All of this behavior depends on the pam_ldap module; your question belongs on
the pam_ldap mailing list.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/