[389-users] Re: Login restrictions

2016-04-29 Thread Kalchik, Jeffery
ssd.conf or /etc/ldap.conf. Jeff Kalchik Systems Engineering Land O'Lakes -Original Message- From: Enrico Morelli [mailto:more...@cerm.unifi.it] Sent: Friday, April 29, 2016 3:02 AM To: 389-users@lists.fedoraproject.org Subject: [389-users] Re: Login restrictions On Thu, 28 Apr 2016 13:12:

[389-users] Re: Login restrictions

2016-04-29 Thread Enrico Morelli
---Original Message- > From: Enrico Morelli [mailto:more...@cerm.unifi.it] > Sent: Thursday, April 28, 2016 4:07 AM > To: 389-users@lists.fedoraproject.org > Subject: [389-users] Re: Login restrictions > > On Wed, 27 Apr 2016 17:44:22 - > "Lukas Slebodnik"

[389-users] Re: Login restrictions

2016-04-28 Thread Kalchik, Jeffery
28, 2016 4:07 AM To: 389-users@lists.fedoraproject.org Subject: [389-users] Re: Login restrictions On Wed, 27 Apr 2016 17:44:22 - "Lukas Slebodnik" <lsleb...@fedoraproject.org> wrote: > > Is it possible to restrict login only to to whom bound to a > > dete

[389-users] Re: Login restrictions

2016-04-28 Thread Enrico Morelli
On Wed, 27 Apr 2016 17:44:22 - "Lukas Slebodnik" wrote: > > Is it possible to restrict login only to to whom bound to a > > determinated group? > > > > I tried to use the following lines in sssd.conf but doesn't works: > > > > access_provider = ldap > >

[389-users] Re: Login restrictions

2016-04-27 Thread Lukas Slebodnik
> Is it possible to restrict login only to to whom bound to a > determinated group? > > I tried to use the following lines in sssd.conf but doesn't works: > > access_provider = ldap > ldap_access_order = filter > ldap_access_filter = (gidNumber=900) I think it might be simpler to use

[389-users] Re: Login restrictions

2016-04-27 Thread Enrico Morelli
On Wed, 27 Apr 2016 08:24:46 -0500 (CDT) "Patrick M. Landry" wrote: > I accomplish this with the pam_access module and an appropriate > access.conf file on my Red Hat flavored machines. > > http://linux.die.net/man/8/pam_access > >