Talk:Restricting LDAP pam logins
From Gentoo Wiki
pam_login is documented, but not how to allow only special users to log in from the LDAP DC.
With this setting, a group or user from LDAP is only granted a login if listed in the /etc/passwd file with +@ by a user or group entry.
This is used for all PAM LDAP logins: SSH, FTP, MySQL or whatever you use with LDAP PAM.
This is a passwd LDAP feature.
The "passwd_compat: ldap" setting is not documented in the official documentation for nsswitch.conf, nor is an option with "+@" for allowed users / groups documented there.
I can't see any of these settings in the official documentation with LDAP.
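
An audit sketch for the setup described in the comment above, added as an example and not part of the original comment or of the Gentoo documentation. It assumes glibc's compat syntax, in which `+name` admits one user, `+@name` a netgroup and a bare `+` every remote user; the file contents and the function names are constructed for illustration.

```python
# Constructed sample files (not from a real host).
NSSWITCH = """passwd: compat
passwd_compat: ldap
shadow: compat
shadow_compat: ldap
"""
PASSWD = """root:x:0:0:root:/root:/bin/bash
larry:x:1000:1000::/home/larry:/bin/bash
+alice::::::
+@sshadmins::::::
-@contractors::::::
"""

def nss_sources(text):
    """Map each nsswitch.conf database to its list of sources."""
    dbs = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" in line:
            db, sources = line.split(":", 1)
            dbs[db.strip()] = sources.split()
    return dbs

def compat_entries(passwd_text):
    """Return (action, kind, name) for each +/- compat line in passwd."""
    entries = []
    for line in passwd_text.splitlines():
        field = line.split(":", 1)[0].strip()
        if field[:1] not in ("+", "-"):
            continue  # ordinary local account line
        action = "allow" if field[0] == "+" else "deny"
        name = field[1:]
        if name.startswith("@"):
            entries.append((action, "netgroup", name[1:]))
        elif name:
            entries.append((action, "user", name))
        elif action == "allow":
            entries.append((action, "all", "*"))  # bare "+" admits every remote user
    return entries

def audit(nsswitch_text, passwd_text):
    """Summarise whether remote logins are limited to the listed entries."""
    dbs = nss_sources(nsswitch_text)
    compat = "compat" in dbs.get("passwd", [])
    entries = compat_entries(passwd_text) if compat else []
    return {
        "compat": compat,
        # Assumption from glibc behaviour: NIS is used when passwd_compat is unset.
        "backend": dbs.get("passwd_compat", ["nis"]) if compat else None,
        "entries": entries,
        "wildcard": ("allow", "all", "*") in entries,
    }
```

A `wildcard` result of `True` means the passwd file contains a bare `+` line, so the restriction no longer limits logins to named users or netgroups.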