[arch-general] A peculiar LDAP setup

Linas linas_fi at ymail.com
Mon Apr 26 19:23:11 CEST 2010

Piyush P Kurur wrote:
> Hi,
> 	We have configured a set of machines to authenticate
> against an LDAP database. For some machines we do not want the
> users to login via their normal shell but some custom program
> runs for them. For example if some one tries to login to the
> smtp server via ssh, they get authenticated via LDAP but their
> default shell fo smtp should be say a program that sets up the
> email forwarding. 
> More generally is there a way, by mucking around in the pam config
> or ldap config to ignore certain fields in the ldap database and
> fill it with some default values. Is there a way to achieve this
> apart from inelegent ways like copying the ldap database locally
> and creating a /etc/passwd file ?
> Best Regards
> ppk

Look for ForceCommand in sshd_config(5)

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

More information about the arch-general mailing list