13 Mar 2012 17:38
Re: check group membership locally and in also in ldap
bloguillard <blog <at> guillard.nom.fr>
2012-03-13 16:38:45 GMT
Note: To clarify what I am trying to do: I am trying to create an LDAP "sysgroup" posixgroup entry that the usual (and unusual) "sysaccounts" would be members of, to be able to grant the members of that "sysgroup" specific rights (declared in security/access.conf). I'm also open to suggestions.
--
Olivier
2012/3/13 bloguillard <blog <at> guillard.nom.fr>:
> Hello,
>
> I have configured a Red Hat box to authenticate users over an
> OpenLDAP server. "Systems" accounts (uid > 500) are not
> created in LDAP but are authenticated over the local password db.
>
> system-auth :
> ...
> auth required pam_env.so
> auth sufficient pam_unix.so nullok try_first_pass
> auth requisite pam_succeed_if.so uid >= 500 quiet
> auth sufficient pam_sss.so use_first_pass
> auth required pam_deny.so
> ...
>