[389-users] Migrating to LDAP authentication
patrick.morris at hp.com
patrick.morris at hp.com
Fri Feb 12 11:28:09 UTC 2010
On Fri, 12 Feb 2010, Sean Carolan wrote:
> > Set up a local root user on every box. I highly recommend not relying
> > on LDAP for that, or you're a bit screwed if, for example, your network
> > cable goes bad.
>
> Right, I just made my AllowGroups line look like this:
>
> AllowGroups root operations
>
> AllowUsers appears to trump AllowGroups so this is a good solution.
Ah... you meant how do you allow SSH logins for root.
I misunderstood. To that, I would've answered "don't," but if you want
to allow direct remote root access, that's your call.
More information about the 389-users
mailing list