[SAC] LDAP vs. sudo
Martin Spott
Martin.Spott at mgras.net
Tue Mar 25 07:22:53 PDT 2014
On Tue, Mar 25, 2014 at 02:45:12PM +0100, Markus Neteler wrote:
> On Tue, Mar 25, 2014 at 1:23 PM, Martin Spott <Martin.Spott at mgras.net> wrote:
> > I've converted the Wiki- and the Webextra-VM's to using pam/nss "ldapd"
> > instead of the "ldap" implementation by PADL. Please check if regular
> > SSH login and "sudo" works for you,
>
> All fine now (tested the projVM and webextra).
Great !
Both the Wiki- as well as the Webextra-VM require membership in the
"sac" shell group. If anybody has access to two different but valid
LDAP accounts of which one is a member of this "sac" group and the
other isn't, could they *please* check if the group-filter works (one
should be able to log into "webextra", the other should not) ?
If this group filter proves to be reliable, then I'll convert all the
other VM's to "ldapd" as well.
Thanks,
Martin.
--
Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------
More information about the Sac
mailing list