PAM + LDAP and SSH

and now for everyone else too :)

• Forwarded message ---------- From: Martin Marcher <martin.marcher@gmail.com> Date: Aug 1, 2007 1:33 AM Subject: Re: PAM + LDAP and SSH To: Ron Peterson <rpeterso@mtholyoke.edu>

hello,

On 7/31/07, Ron Peterson <rpeterso@mtholyoke.edu> wrote:
> 2007-07-31_12:51:35-0400 Allan Senna Porto <allan.porto@gmail.com>:
> > Hi,
> > Anyone know about problems with /etc/security/access.conf and
> > SSH in Etch?
> > I'm trying to block ldap users to access my servers, but
> > everything that I made don't block user to loggin.
> > If I use this to /etc/pam.d/login and /etc/pam.d/gdm, the
> > user can't loggin.
>
> It would help others to help you to see what you actually did.

this is how i do it:

# ldapsearch -x -LLL -b 'ou=people,dc=example,dc=com'\  '(&(objectClass=sambaSamAccount))' dn host dn: uid=will.waldo,ou=accounts,ou=people,dc=example,dc=com

host: havanna.example.com
host: kairo.example.com
host: novosibirsk.example.com

# grep filter /etc/pam_ldap.conf
pam_filter |(host=backend.example.com)(host=\*)

hth
martin

-- 
Martin Marcher
martin.marcher@gmail.com
http://www.mycorners.comhttps://www.xing.com/profile/Martin_Marcherhttp://www.linkedin.com/in/martinmarcherhttp://www.studivz.net/profile.php?ids=9f83ea8c5996b8echttp://www.amazon.de/gp/registry/wishlist/3KDAGCL2NKOIM/ref=reg_hu-wl_goto-registry/302-4432803-5146435?ie=UTF8&sort=date-added


-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org