[389-users] Restricting Users for particular Machine?
Ajeet S Raina
ajeetraina at gmail.com
Wed Jan 13 18:24:13 UTC 2010
Kwan,
I added the ldif file under /etc/dirsrv/slapd-389-ds/schema
but there is no file by name ldap.conf under /etc/ directory.
yes I do have /etc/openldap/ldap.conf but it doesnt have pam_attr like stuff
its simply 10-12 lines file.
yes I do have that in client where I installed through yum.
Also, I am confused about:
>From the Account Listing
Select Field in ObjectClass
Where AccountListing option gets displayed.
I dont see any option by that option.
On Wed, Jan 13, 2010 at 12:08 AM, Kwan Lowe <kwan.lowe at gmail.com> wrote:
> 2010/1/12 Ajeet S Raina <ajeetraina at gmail.com>:
> >
>
> > Say I have a 389 Client Machine 10.209.33.77
> > Now if I add this hostname
> > So that user can only access this Host and not the other Right?
> >
> > Pls clarify.How can I stop a particular user to access only that machine?
>
> This is how I did it:
>
> Create Host Based access
> Add the 61ldapns.ldif file to /etc/dirsrv/instancename/schema
> edit /etc/ldap.conf and enable pam_check_host_attr
>
> Go to the management console, then:
> From the Account Listing
> Select Field in ObjectClass
> Add Value
> Select HostObject
> Select Add Attribute
> Select Host
> Enter first host
> Select Host
> Enter Add Value
> Enter second host
> Continue for all hosts
>
>
> https://sites.google.com/site/disciplinux/linux/centralized-authentication
> >
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
--
”It is not possible to rescue everyone who is caught in the Windows
quicksand
--Make sure you are on solid Linux ground before trying.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20100113/fe676446/attachment.html>
More information about the 389-users
mailing list