Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Can I restrict IP and AIX account at the same time?
Operating Systems AIX Can I restrict IP and AIX account at the same time? Post 302972787 by nnnnnnine on Tuesday 10th of May 2016 10:26:05 PM
Old 05-10-2016
Hi dukessd,

Thanks for your reply.

But when I use AIX filtering (ipsec) , I only can restrict IP address.

How to restrict specific user login?
for example:
user alice can login to AIX (via ssh or telnet) from 192.168.1.100
user bob can not login to AIX (via ssh or telnet) from 192.168.1.100

I do not want all user can not login to AIX from 192.168.1.100
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to restrict account to one log-in?

Our users have the tendency to use only one login account, to do their jobs. Obvious itīs a matter of training our users. But our internal audit team insists on restrictions from our system. So is there an option to restrict an account to only login once into the system? We use HP-UX 11.0. ... (0 Replies)
Discussion started by: Egroman
0 Replies

2. UNIX for Advanced & Expert Users

how to find creation time of an account?

Hi all, I want to know the time when a perticular user is created, atleat in which year it is created. Could any one help me in this issue. Thanks in advance. Regards, M.Sukumar (1 Reply)
Discussion started by: sukumar
1 Replies

3. AIX

AIX shell account

I am just wondering if there is a way I can obtain a free shell account for an AIX server that I can make test drive on it. I tried google search and ibm's web site but couldn't find anything.. regards, (2 Replies)
Discussion started by: milhan
2 Replies

4. AIX

How to restrict Highports in AIX 5.2

Hello, I am using wu-ftp 2.4.2 in AIX 5.2. I wanted to restrict high ports for dataconnection. by default dataconnection ports will be from range 1024 to 65536. But i wanted to restrict it to some range like 10000 - 10500. This setting is to enable ports at client firewall. Please let me... (0 Replies)
Discussion started by: balareddy
0 Replies

5. Shell Programming and Scripting

How to restrict running one instance of scp at any time in fsniper

How to restrict running one instance of scp at any time? (2 Replies)
Discussion started by: proactiveaditya
2 Replies

6. Solaris

How to Restrict user login after certain time in Solaris??

My OS is Solaris 10, I would like to know if there is any way to restrict user login to the system (either remote or console login) after certain time, say 20:00 on Mon to Fri and whole day on SAT and SUN??? Sorry that I am a new user on Unix System. Any comment is fully appreciated!!! Alex (7 Replies)
Discussion started by: alessandro31
7 Replies

7. AIX

AIX: Could not login using NIS Account?

Hi there, I am new to AIX environment, when I set up NIS Client for an AIX 5.3 Machine to connect to a Linux NIS Master, everything seems to be okie: /etc/passwd: +::0:0::: /etc/group: +: ps -ef | egrep "ypbind": /usr/lib/netsvc/yp/ypbind -ypsetme -ypsetme I can get all account... (0 Replies)
Discussion started by: quanba
0 Replies

8. UNIX for Advanced & Expert Users

IBM directory server - how to restrict AIX client access to read-only

Hello all, I am using IBM Directory Server (as a part of AIX7 extension pack) in an AIX environment. To set up the server I use command: mksecldap -s -a cn=admin -p PWD -S RFC2307AIX -d o=COMPANY -u NONE Then, to set up IDS clients I use the following (I have 2 mutually replicating servers... (0 Replies)
Discussion started by: Myaso
0 Replies

9. UNIX for Beginners Questions & Answers

How to restrict ftpusers in AIX to home directory?

I need to know how to restrict the ftpusers within their home directory in AIX 7.1 For example for ftpuser nonoftp I have tried putting this entry to /etc/ftpaccess.ctl and refreshed inetd but the directory listing unsuccessful error comes with the entry. Without the ftpaccess.ctl file ftp users... (2 Replies)
Discussion started by: pregmi
2 Replies

10. UNIX for Advanced & Expert Users

Restrict service account from direct interactive sessions

Environment: CentOS 7 I would like to have a solution where a service account can access a server in only these ways: ssh non-interactively via password or ssh key; that is, run commands or scripts (but running anything in /etc/shells will not be allowed) not ssh interactively regular... (2 Replies)
Discussion started by: bgstack15
2 Replies

LEARN ABOUT CENTOS

doveadm-director

DOVEADM-DIRECTOR(1)						      Dovecot						       DOVEADM-DIRECTOR(1)

NAME

       doveadm-director - Manage Dovecot directors

SYNOPSIS

       doveadm [-Dv] director add [-a director_socket_path] host [vhost_count]
       doveadm [-Dv] director flush [-a director_socket_path] host|all
       doveadm [-Dv] director map [-a director_socket_path] [-f users_file] [host]
       doveadm [-Dv] director remove [-a director_socket_path] host
       doveadm [-Dv] director dump [-a director_socket_path]
       doveadm [-Dv] director status [-a director_socket_path] [user]

DESCRIPTION

       doveadm	director  can  be used to manage and query the status of the list of backend mail servers where Dovecot proxy can redirect connec-
       tions to.

OPTIONS

       Global doveadm(1) options:

       -D     Enables verbosity and debug messages.

       -v     Enables verbosity, including progress counter.

       Command specific options:

       -a director_socket_path
	      This option is used to specify an alternative socket.  The option's argument is either an absolute  path	to  a  local  UNIX  domain
	      socket, or a hostname and port (hostname:port), in order to connect a remote host via a TCP socket.

	      By default doveadm(1) will use the socket /var/run/dovecot/director-admin.  The socket may be located in another directory, when the
	      default base_dir setting was overridden in /etc/dovecot/dovecot.conf.

ARGUMENTS

       host   A mail server's hostname or IP address.

       user   Is a user's login name.  Depending on the configuration, a login name may be for example jane or john@example.com.

       vhost_count
	      The number of "virtual hosts" to assign to this server. The higher the number is relative to other servers, the more connections	it
	      gets. The default is 100.

COMMANDS

   director add
       doveadm director add [-a director_socket_path] host [vhost_count]

       The command's tasks are:

       *   assign a new mail server to the director.

       *   increase/decrease the vhost_count of an already assigned server.

   director flush
       doveadm director flush [-a director_socket_path] host|all

       doveadm	director  flush  drops all user associations either from the given host or all hosts.  This command is intended mainly for testing
       purposes.

   director map
       doveadm director map [-a director_socket_path] [-f users_file] [host]

       The command doveadm director map is used to list current user -> host mappings. Note that the director works using 32bit hashes which makes
       collisions quite likely, so this command can't reliably list exactly which users have recently logged in.

       -f users_file
	      Path  to	a  file  containing  all user names (one per line).  When given no userdb lookup will be performed.  This may be a helpful
	      alternative when for example the network connection to the LDAP or SQL server is slow.

       host   Specify a server's IP address or hostname, to list only mappings of the given host.

   director remove
       doveadm director remove [-a director_socket_path] host

       Use this command in order to remove the given host from the director.

   director dump
       doveadm director dump [-a director_socket_path]

       Dump the current host configuration as doveadm commands. These commands can be easily run after a full director cluster restart to get back
       to the dumped state.

   director status
       doveadm director status [-a director_socket_path] [user]

       This command is used to show the current usage of all assigned mail servers.
       When  a	user  name  is given, this command shows which server the user is currently assigned to, where the user will be assigned after the
       current saved assignment gets removed and where the user would be assigned to if the whole proxy cluster was restarted fresh.

FILES

       /etc/dovecot/dovecot.conf
	      Dovecot's main configuration file.

       /etc/dovecot/conf.d/10-director.conf
	      Director specific settings.

EXAMPLE

       Add a director with vhost count 150 (or change existing one's vhost count to 150):

       doveadm -v director add x1357.imap.ha.example.net 150
       2001:db8:543:6861:143::1357: OK

       Remove a director:

       doveadm director remove x1357.imap.ha.example.net

       Query the status of mail hosts in a director:

       doveadm director status
       mail server ip	    vhosts  users
       192.168.10.1	       100    125
       192.168.10.2	       100    144
       192.168.10.3	       100    115

       Query the status of a user's assignment:

       doveadm director status user@example.com
       Current: 192.168.10.1 (expires 2010-06-18 20:17:04)
       Hashed: 192.168.10.2
       Initial config: 192.168.10.3

       This means that the user is currently assigned to mail server on IP 192.168.10.1. After all of user's  connections  have  logged  out,  the
       assignment  will  be  removed  (currently it looks like at 20:17:04, but that may be increased). After the assignment has expired, the user
       will next time be redirected to 192.168.10.2 (assuming no changes to director settings). If the entire Dovecot proxy cluster was restarted,
       so that all of the director configuration would revert back to its initial values, the user would be redirected to 192.168.10.3.

REPORTING BUGS

       Report  bugs,  including doveconf -n output, to the Dovecot Mailing List <dovecot@dovecot.org>.	Information about reporting bugs is avail-
       able at: http://dovecot.org/bugreport.html

SEE ALSO

       doveadm(1)

Dovecot v2.2							    2013-07-12						       DOVEADM-DIRECTOR(1)
All times are GMT -4. The time now is 02:18 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy