Using pam_filter in ldap.conf

		LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Using pam_filter in ldap.conf

Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.

Exclusive for LQ members, get up to 45% off per month. Click here for more info.

Search this Thread

06-16-2009, 06:11 PM	#1
ciphyre Member Registered: Aug 2008 Distribution: FEDORA, RHEL, SLES Posts: 51 Rep:	Using pam_filter in ldap.conf Using ldap I am currently using "roles" for user authorization for access to target hosts. I add a host attribute to user's accounts where I define a "role" or set of "roles" that that is checked when a user attempts to login to a host. On the hosts I modify ldap.conf as follows: pam_filter &(objectclass=posixAccount) (host=<rule>) If the user has the <rule> attribute defined in their ldap record, they get in, if not they are denied. I am trying to find a way to do the same thing but on a group basis. I have groups defined in ldap with groupofuniquenames and the posixgroup object class. If I add users to a group and add the host attribute to that group, I would like to use pam_filter to filter by posixAccount and posixGroup and host=<rule>. Is this possible and if so how? I am not sure how to do this with pam_filter. Thanks.

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
pam/ldap : custom pam_filter rule	t0bias	Linux - Security	0	01-22-2009 09:03 AM
ldap.conf: uri vs host	yurii	Red Hat	4	03-26-2008 07:17 AM
ldap.conf with multiple servers	Neruocomp	Linux - Server	0	11-02-2007 12:53 PM
dovecot-ldap.conf example file	paul_mat	Linux - Networking	0	01-12-2006 05:31 AM
LDAP & NSSwitch.conf	matarodi	Debian	0	09-11-2005 03:10 AM

All times are GMT -5. The time now is 08:45 PM.

Main Menu

(Con't)

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

Twitter: @linuxquestions