LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
Reload this Page LDAP authentication question - how do I know if a user is permitted to use a system ?
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices


Reply
  Search this Thread
Old 09-13-2004, 04:04 AM   #1
Builder
Member
 
Registered: Jun 2004
Location: London
Distribution: Red Hat, SuSE, Gentoo
Posts: 80

Rep: Reputation: 15
LDAP authentication question - how do I know if a user is permitted to use a system ?

Hi all,

I've got an LDAP server setup and my other servers are able to authenticate against this instead of using locally managed accounts.

The question I have though, is how do I allow only users that are supposed to have access to a machine to login ?

At the moment, any user in the LDAP directory can logon to any server that uses the LDAP server to authenticate. Obviously, this is not ideal in a production environment as not all users should be permitted to use all systems.

Any ideas ?

Thanks,
 
Old 09-15-2004, 05:40 AM   #2
bigrigdriver
LQ Addict
Contributing Member
 
Registered: Jul 2002
Location: East Centra Illinois, USA
Distribution: Debian stable
Posts: 5,908

Rep: Reputation: 356Reputation: 356Reputation: 356Reputation: 356
The modern Linux kernels also offer ACL (acces contrl list) which expands upon the basic file access permissions.
 
Old 09-15-2004, 06:12 AM   #3
Builder
Member
 
Registered: Jun 2004
Location: London
Distribution: Red Hat, SuSE, Gentoo
Posts: 80

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by bigrigdriver
The modern Linux kernels also offer ACL (acces contrl list) which expands upon the basic file access permissions.
Yes, but I don't even want the user to be able to login to the machine if they should be on it.

Normally a user should exist in /etc/passwd, or they won't be allowed in. With LDAP, it appears that any user in the directory is allowed to login to every server that authenticates by LDAP.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
system authentication + LDAP bart703 Linux - Software 3 08-27-2005 10:50 AM
LDAP-CVS-User Authentication ralagar_raja Linux - Enterprise 0 01-04-2005 05:42 AM
LDAP Authentication w/ Local User Information Adrian W Linux - Security 13 08-17-2004 11:09 AM
user authentication with ldap on slackware? micval Slackware 4 01-16-2004 01:19 AM
Quick Q on LDAP and user authentication tarballed Linux - General 3 03-29-2003 03:08 AM

LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 05:09 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration