Date: Mon, 23 Feb 2009 14:17:39 +0100 From: Maciej Milewski <milu@dat.pl> To: freebsd-questions@freebsd.org Cc: Olivier Nicole <on@cs.ait.ac.th> Subject: Re: LDAP pam Message-ID: <200902231417.39868.milu@dat.pl> In-Reply-To: <200902230937.n1N9bJ9l016999@banyan.cs.ait.ac.th> References: <200902230937.n1N9bJ9l016999@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
Monday 23 February 2009 10:37:19 Olivier Nicole napisa=B3(a): > I want the web server to be able to know the users' account stored on > LDAP, but not provide authentication; so I can have URL's of the form > http://my.web/~john/index.html for the user john, where john's home > directory if NFS mounted from the file server, but I don't want john > to be able to log onto the web server. > Of course certain users will be allowed to log onto the web server. > How can this be done with LDAP and PAM. > TIA, > Olivier If you don't want to let users logon to server through SSH you can use=20 DenyUsers/AllowUsers directive in sshd_config As for LDAP and PAM/system there should be some howtos on the net. Shortly:= =20 you will need to install nss_ldap and pam_ldap and setup it correctly to ge= t=20 users from ldap showing in your system. Maciek
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902231417.39868.milu>