11:47 p.m.
Hello,
I have configured openldap for SSO. Now I am authenticating all of my linux
boxes with this SSO. Now I have requirement that my root user should not
authenticate through this SSO. Rest of all users should authenticate through
this.
Can any one have any suggestion for this.
Thannn Koooo
Hammad Ahmad
5:49 a.m.
If you are asking if the superuser account on a Linux system should
authenticate via something other than the local files (/etc/password, /
etc/shadow, etc), then I would remark that that is not something I
would recommend.
On Apr 8, 2009, at 2:47 AM, Hammad Ahmad Bhatti wrote:
Hello,
I have configured openldap for SSO. Now I am authenticating all of
my linux
boxes with this SSO. Now I have requirement that my root user should
not
authenticate through this SSO. Rest of all users should authenticate
through
this.
Can any one have any suggestion for this.
Thannn Koooo
Hammad Ahmad
======
Terry.Gardner(a)Sun.COM
Blog: http://blogs.sun.com/terrygardner
Blog: http://dtfar.blogspot.com
Twitter: http://twitter.com/tgardner
SLAMD: http://slamd2.dev.java.net
"The best things in life are not things."
5:58 a.m.
Thank you terry for bothering this. Actually I want that super user should
authenticate locally like /etc/passwd or /etc/shadow. Please advice if you
have any suggestion for this.
Hammad Ahmad | Associate Network Administrator | Network Operations Center |
noc(a)i2cinc.com
i2c Inc. | 1300 Island Drive, Suite 105, Redwood City, CA 94065| URL:
www.i2cinc.com
Tel: (650) 593 5400 x4105 | 24x7 NOC: (650) 480 5291 | Fax: (650) 593 5402
-----Original Message-----
From: Terry.Gardner(a)Sun.COM [mailto:Terry.Gardner@Sun.COM]
Sent: Wednesday, April 08, 2009 5:50 PM
To: Hammad Ahmad Bhatti
Cc: openldap-technical(a)openldap.org
Subject: Re: Ldap authentication
If you are asking if the superuser account on a Linux system should
authenticate via something other than the local files (/etc/password, /
etc/shadow, etc), then I would remark that that is not something I would
recommend.
On Apr 8, 2009, at 2:47 AM, Hammad Ahmad Bhatti wrote:
Hello,
I have configured openldap for SSO. Now I am authenticating all of my
linux boxes with this SSO. Now I have requirement that my root user
should not authenticate through this SSO. Rest of all users should
authenticate through this.
Can any one have any suggestion for this.
Thannn Koooo
Hammad Ahmad
======
Terry.Gardner(a)Sun.COM
Blog: http://blogs.sun.com/terrygardner
Blog: http://dtfar.blogspot.com
Twitter: http://twitter.com/tgardner
SLAMD: http://slamd2.dev.java.net
"The best things in life are not things."
6:15 a.m.
New subject: AW: Ldap authentication
Hello,
How about this:
Dont create an ldap entry for the root account and use "files ldap" in your
nsswitch.conf?
passwd: files ldap
group: files ldap
Cheers,
Claus
-----Ursprüngliche Nachricht-----
Von: openldap-technical-bounces+claus.kick=siemens.com(a)OpenLDAP.org
[mailto:openldap-technical-bounces+claus.kick=siemens.com@OpenLDAP.org] Im Auftrag von
Hammad Ahmad Bhatti
Gesendet: Mittwoch, 8. April 2009 14:58
An: Terry.Gardner(a)sun.com; openldap-technical(a)openldap.org
Betreff: RE: Ldap authentication
Thank you terry for bothering this. Actually I want that super user should
authenticate locally like /etc/passwd or /etc/shadow. Please advice if you
have any suggestion for this.
Hammad Ahmad | Associate Network Administrator | Network Operations Center |
noc(a)i2cinc.com
i2c Inc. | 1300 Island Drive, Suite 105, Redwood City, CA 94065| URL:
www.i2cinc.com
Tel: (650) 593 5400 x4105 | 24x7 NOC: (650) 480 5291 | Fax: (650) 593 5402
-----Original Message-----
From: Terry.Gardner(a)Sun.COM [mailto:Terry.Gardner@Sun.COM]
Sent: Wednesday, April 08, 2009 5:50 PM
To: Hammad Ahmad Bhatti
Cc: openldap-technical(a)openldap.org
Subject: Re: Ldap authentication
If you are asking if the superuser account on a Linux system should
authenticate via something other than the local files (/etc/password, /
etc/shadow, etc), then I would remark that that is not something I would
recommend.
On Apr 8, 2009, at 2:47 AM, Hammad Ahmad Bhatti wrote:
Hello,
I have configured openldap for SSO. Now I am authenticating all of my
linux boxes with this SSO. Now I have requirement that my root user
should not authenticate through this SSO. Rest of all users should
authenticate through this.
Can any one have any suggestion for this.
Thannn Koooo
Hammad Ahmad
======
Terry.Gardner(a)Sun.COM
Blog: http://blogs.sun.com/terrygardner
Blog: http://dtfar.blogspot.com
Twitter: http://twitter.com/tgardner
SLAMD: http://slamd2.dev.java.net
"The best things in life are not things."
5283
days inactive
5283
days old
openldap-technical@openldap.org
3 comments
3 participants
participants (3)
-
Hammad Ahmad Bhatti -
Kick, Claus -
Terry Gardner