LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices



Reply
 
Search this Thread
Old 09-13-2004, 05:04 AM   #1
Builder
Member
 
Registered: Jun 2004
Location: London
Distribution: Red Hat, SuSE, Gentoo
Posts: 80

Rep: Reputation: 15
LDAP authentication question - how do I know if a user is permitted to use a system ?


Hi all,

I've got an LDAP server setup and my other servers are able to authenticate against this instead of using locally managed accounts.

The question I have though, is how do I allow only users that are supposed to have access to a machine to login ?

At the moment, any user in the LDAP directory can logon to any server that uses the LDAP server to authenticate. Obviously, this is not ideal in a production environment as not all users should be permitted to use all systems.

Any ideas ?

Thanks,
 
Old 09-15-2004, 06:40 AM   #2
bigrigdriver
LQ Addict
 
Registered: Jul 2002
Location: East Centra Illinois, USA
Distribution: Debian Squeeze
Posts: 5,805

Rep: Reputation: 324Reputation: 324Reputation: 324Reputation: 324
The modern Linux kernels also offer ACL (acces contrl list) which expands upon the basic file access permissions.
 
Old 09-15-2004, 07:12 AM   #3
Builder
Member
 
Registered: Jun 2004
Location: London
Distribution: Red Hat, SuSE, Gentoo
Posts: 80

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by bigrigdriver
The modern Linux kernels also offer ACL (acces contrl list) which expands upon the basic file access permissions.
Yes, but I don't even want the user to be able to login to the machine if they should be on it.

Normally a user should exist in /etc/passwd, or they won't be allowed in. With LDAP, it appears that any user in the directory is allowed to login to every server that authenticates by LDAP.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
system authentication + LDAP bart703 Linux - Software 3 08-27-2005 11:50 AM
LDAP-CVS-User Authentication ralagar_raja Linux - Enterprise 0 01-04-2005 06:42 AM
LDAP Authentication w/ Local User Information Adrian W Linux - Security 13 08-17-2004 12:09 PM
user authentication with ldap on slackware? micval Slackware 4 01-16-2004 02:19 AM
Quick Q on LDAP and user authentication tarballed Linux - General 3 03-29-2003 04:08 AM


All times are GMT -5. The time now is 10:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration