More LDAP questions

Corey Edwards tensai at zmonkey.org
Thu Aug 7 12:49:19 MDT 2008


On Thu, 2008-08-07 at 12:32 -0600, Mike Lovell wrote:
> So another LDAP question for the list. How could one set up host 
> permissions using LDAP? For example, in the environment I am going to be 
> deploy this in there are a few classes of machines. Some admins for one 
> class of machine, say the web servers, doesn't need to be able to log in 
> to another class of machines, like the dns servers. Is there a way I can 
> set up group permissions so that admins can only log into groups of 
> machines to which they have permission? Thanks for any suggestions you 
> might have.

/etc/security/access.conf will probably accomplish this. You would set
up each machine's access.conf to allow only certain groups. Then just
add the correct users to those groups.

Corey

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://plug.org/pipermail/plug/attachments/20080807/9f8dd372/attachment.bin 


More information about the PLUG mailing list