On Thu, Apr 11, 2013 at 10:30:26PM -0700, Jason Bishop wrote:
> hi errbody, i may have an easy question, but i haven't found anything in
> the documentation which describes my use-case exactly. i hope you can help.
>
> my environment is kerberos for authentication and kerberos using
> host-keytab
The following entry into an ldap.conf file on a RHEL V5 system provides for the
ability to limit users
based in their GID values:
nss_base_passwd OU=ldap,DC=mydomain,DC=net?one?|(gidNumber=11001)
(gidNumber=11003)
Only those users with GID's of 11001 or 11003 can login. All others are
prohibi
On Fri, Apr 12, 2013 at 12:26:15PM +, Licause, Al (BCS) wrote:
> The following entry into an ldap.conf file on a RHEL V5 system provides for
> the ability to limit users
> based in their GID values:
>
> nss_base_passwd OU=ldap,DC=mydomain,DC=net?one?|(gidNumber=11001)
> (gidNumber=11003)
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/12/2013 08:26 AM, Licause, Al (BCS) wrote:
> The following entry into an ldap.conf file on a RHEL V5 system
> provides for the ability to limit users
>
> based in their GID values:
>
>
>
> nss_base_passwd OU=ldap,DC=mydomain,DC=net?one?|(gidN
Headnode has keytab, there are also 3 login nodes and they have keytab too.
then there are 100 compute nodes which presently do not.
anonymous is clever idea, but i was hoping to instrument compute nodes such
that my user and group filters on headnode sssd config would be in effect.
IE the users
On 04/12/2013 11:04 AM, Jason Bishop wrote:
>
> Headnode has keytab, there are also 3 login nodes and they have keytab
> too. then there are 100 compute nodes which presently do not.
>
> anonymous is clever idea, but i was hoping to instrument compute nodes
> such that my user and group filters on
