07-20-2018
so been working with the customer SA and they state they're using sshd.conf to limit access. They're using AllowGroups for their delineation. I'm sure other customers are likely using other options, but I can only work with what I know and something is better than nothing.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
Is it possible to add the following to an ldif entry:
dn=estmmartín
i.e Note the charchter 'í'
Thanks in advance (3 Replies)
Discussion started by: tom123
3 Replies
2. Shell Programming and Scripting
Hi
I'm not a programmer but am muddling through as best I can. I am trying to set up a PostSearchHook for Radiator (RADIUS server), that carries out an LDAP lookup, and, based on the
string returned ("staff" or "student") in the "businessCategory" attribute, will set the $role to be either 40... (3 Replies)
Discussion started by: mikie
3 Replies
3. UNIX for Dummies Questions & Answers
I would like to do an ldap search which looks for entries which do not actually have a certain attribute. Not that the attribute is Null, but where the attribute does not exist.
Is this possible using ldapsearch? (3 Replies)
Discussion started by: dopple
3 Replies
4. UNIX for Dummies Questions & Answers
Hi All,
Pardon me if this turns out to be a dumb question. But I am trying to schedule a cron job for a my script which takes input options. So an entry in crontab would be something like:
1 * * * * run_report.sh -o out.csv -m monthly -e somename@email.com > cron_output.log 2> cron_error.log... (3 Replies)
Discussion started by: trueharsh
3 Replies
5. Solaris
Hi all
I had a mail issue earlier today where I was not receiving any emails from the servers of one of our clients.
The mail queue just showed this:
-----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
o8S7eSpp020274* 5858 Tue Sep 28 10:42... (0 Replies)
Discussion started by: notreallyhere
0 Replies
6. Red Hat
Hi,
We have a mail server which has Zimbra installed on it and a file server. Folks use the same login information they use to access their email to access the file server. So the file server is using the same LDAP server as the mail server.
Couple days ago, at around 12 PM all of the sudden,... (3 Replies)
Discussion started by: tezarin
3 Replies
7. Shell Programming and Scripting
Hi All,
I have a existing Ldap query which take a HOME as variable and gives the result where i grep for a particular line.
ldapsearch -h server_domain_name -p 389 -D "uid=user,ou=appadm,o=ent" -w PaB -b "ou=roles,o=ent" "cidx=$HOME" | grep -w "ent: xyz"
Now i have 330K Homes in a... (1 Reply)
Discussion started by: posner
1 Replies
8. Emergency UNIX and Linux Support
Hi Friends,
I have below scenarios .
dom1.test.com - LDAP
dom2.test.com - AD
Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with
dom1\username -> get authenticated by LDAP host
... (2 Replies)
Discussion started by: Shirishlnx
2 Replies
9. Shell Programming and Scripting
Hello,
i need some help with a script. I made a script, which connect to different hosts to get some informations. But i got now some problems with getting informations of a database (db2) which is on a other host. I tried something like
var=$(rsh HOST su - db2adm -c "db2 connect to database;... (2 Replies)
Discussion started by: Cyver
2 Replies
10. UNIX and Linux Applications
I need to write LDAP group query where I need to find if a particular user is a member of a 2 specific Groups. This is LDAP Novell edirectory implementation.
Below are the details -
================
LDIF entry for OndotAPI group
dn: cn=OndotAPI,ou=Groups,o=CNS
changetype: add ... (0 Replies)
Discussion started by: jhamaks
0 Replies
LEARN ABOUT OPENSOLARIS
pam_deny
pam_deny(5) Standards, Environments, and Macros pam_deny(5)
NAME
pam_deny - PAM authentication, account, session and password management PAM module to deny operations
SYNOPSIS
pam_deny.so.1
DESCRIPTION
The pam_deny module implements all the PAM service module functions and returns the module type default failure return code for all calls.
The following options are interpreted:
debug syslog(3C) debugging information at the LOG_AUTH|LOG_DEBUG levels
ERRORS
The following error codes are returned:
PAM_ACCT_EXPIRED If pam_sm_acct_mgmt is called.
PAM_AUTH_ERR If pam_sm_authenticate is called.
PAM_AUTHOK_ERR If pam_sm_chauthtok is called.
PAM_CRED_ERR If pam_sm_setcred is called.
PAM_SESSION_ERR If pam_sm_open_session or pam_sm_close_session is called.
EXAMPLES
Example 1 Disallowing ssh none authentication
sshd-none auth requisite pam_deny.so.1
sshd-none account requisite pam_deny.so.1
sshd-none session requisite pam_deny.so.1
sshd-none password requisite pam_deny.so.1
Example 2 Disallowing any service not explicitly defined
other auth requisite pam_deny.so.1
other account requisite pam_deny.so.1
other session requisite pam_deny.so.1
other password requisite pam_deny.so.1
ATTRIBUTES
See attributes(5) for a description of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
|MT Level |MT-Safe with exceptions |
+-----------------------------+-----------------------------+
SEE ALSO
su(1M), libpam(3LIB), pam(3PAM), pam_sm_authenticate(3PAM), syslog(3C), pam.conf(4), nsswitch.conf(4), attributes(5), pam_authtok_check(5),
pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5),
privileges(5)
NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.
The pam_deny module is intended to deny access to a specified service. The other service name may be used to deny access to services not
explicitly specified.
SunOS 5.11 16 Jun 2005 pam_deny(5)