On Thu, 2018-11-08 at 16:36 -0800, Leonard Lawton wrote:
> I'm looking to setup HBAC for linux servers. People currently login
> to
> the hosts(via ssh) using ssh keys(no password).
>
> I was thinking that one way to control access is by denying the
> sshPublicKey(or even the uid, many options
I'm looking to setup HBAC for linux servers. People currently login to
the hosts(via ssh) using ssh keys(no password).
I was thinking that one way to control access is by denying the
sshPublicKey(or even the uid, many options here) from being visible on
the host by default, and creating an
On 11/8/18 3:47 AM, Zombie fork wrote:
Hi,
Today we have a global account lockout policy in 389 which is
applied to a specific instance.
With many countries applying different compliance rules for securing
personal data of their cititizen we see an increasing demand to have a
seperate
Hi,
Today we have a global account lockout policy in 389 which is applied
to a specific instance.
With many countries applying different compliance rules for securing
personal data of their cititizen we see an increasing demand to have a
seperate account lockout policy for special types of
The easiest way to find out is just to try it :-)
ldapsearch -LLL -o ldif-wrap=no -h localhost -p 38901 -x -D
"cn=directory manager" -w ... -b "dc=example,dc=com" uid=kwinters
objectclass description uid
dn: uid=kwinters,ou=People,dc=example,dc=com
objectclass: top
objectclass: person
