[arch-general] A peculiar LDAP setup
Hi, We have configured a set of machines to authenticate against an LDAP database. For some machines we do not want the users to login via their normal shell but some custom program runs for them. For example if some one tries to login to the smtp server via ssh, they get authenticated via LDAP but their default shell fo smtp should be say a program that sets up the email forwarding. More generally is there a way, by mucking around in the pam config or ldap config to ignore certain fields in the ldap database and fill it with some default values. Is there a way to achieve this apart from inelegent ways like copying the ldap database locally and creating a /etc/passwd file ? Best Regards ppk
Piyush P Kurur wrote:
Hi,
We have configured a set of machines to authenticate against an LDAP database. For some machines we do not want the users to login via their normal shell but some custom program runs for them. For example if some one tries to login to the smtp server via ssh, they get authenticated via LDAP but their default shell fo smtp should be say a program that sets up the email forwarding.
More generally is there a way, by mucking around in the pam config or ldap config to ignore certain fields in the ldap database and fill it with some default values. Is there a way to achieve this apart from inelegent ways like copying the ldap database locally and creating a /etc/passwd file ?
Best Regards
ppk
Look for ForceCommand in sshd_config(5) __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
participants (2)
-
Linas
-
Piyush P Kurur