[389-users] Migrating to LDAP authentication
Sean Carolan
scarolan at gmail.com
Tue Feb 2 17:12:55 UTC 2010
> #2
> a.there is also a setting in /etc/ldap.conf called pam_groupdn. This
> lets you define an LDAP object with multiple membe attributes to
> control who can login. I find it easy to use
> b. SSH can be told to only accept logins from a posix group (same deal
> just handled at a different part of the stack)
One other question came to mind, and that was users with ssh keys.
How will migrating to LDAP-only authentication affect them? Is there
a way to continue allowing these users to use their keys for login?
More information about the 389-users
mailing list