How are you connected to Active Directory? Are you using sssd auth? If so, you can use a value in /etc/sssd/sssd.conf:
If you are using nscd/nslcd which use a more traditional ldap method, there's an option somewhere for your ldap search string. You can write a query that matches just the groups or users you want to allow.
Last edited by bgstack15; 10-05-2018 at 10:20 AM..
Reason: fix tags
how can i find my own ip address from unix. command like who -x .this would provide all the ip address but i need to list only current user ip address. who am i command does not display the ip. (1 Reply)
how can i find my own ip address from unix. command like who -x .this would provide all the ip address but i need to list only current user ip address. who am i command does not display the ip. (9 Replies)
Hi,
I'm brand new here and looking for a solution:
I'm using mail or mailx. The default reply address is «myshortusername@mylongusername.local» which makes absolutely no sense for anybody receiving my emails.
But how do I change it? There seem to be many solutions but none for Mac OS X.... (0 Replies)
Besides doing some shell-script which loops through /etc/passwd, I was wondering if there was some command that would tell me, like an enhanced version of getent.
The Operating system is Solaris 10 (recent-ish revision) using Sun DS for LDAP. (5 Replies)
Hi Gurus,
I have a script that requires me to switch from local user to root. Anyone who has an idea on this since when i switch user to root it requires me to input root password.
It seems that i need to use expect module here, but i don't know how to create the object for this.
... (1 Reply)
Here is the log im pasting for verbose ssh:
-bash-2.05b$ ssh -v qa_fnp@10.41.11.23
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will... (5 Replies)
Hi
We have these specific requirements for a bunch of servers we have and cannot seem to get pam to behave in this way. We would like:
PAM locks accounts if pam tally reaches 10.
PAM unlocks the account after 30mins from locking it, and resets the pam_tally.
The key is that we don't... (0 Replies)
Hi,
I need to switch from local user to root user in a shell script.
I need to make it automated so that it doesn't prompt for the root password.
I heard the su command will do that work but it prompt for the password.
and also can someone tell me whether su command spawns a new shell or... (1 Reply)
Discussion started by: Little
1 Replies
LEARN ABOUT DEBIAN
sssd_krb5_locator_plugin
SSSD_KRB5_LOCATOR_PL(8) SSSD Manual pages SSSD_KRB5_LOCATOR_PL(8)NAME
sssd_krb5_locator_plugin - the configuration file for SSSD
DESCRIPTION
The Kerberos locator plugin sssd_krb5_locator_plugin is used by the Kerberos provider of sssd(8) to tell the Kerberos libraries what Realm
and which KDC to use. Typically this is done in krb5.conf(5) which is always read by the Kerberos libraries. To simplify the configuration
the Realm and the KDC can be defined in sssd.conf(5) as described in sssd-krb5.conf(5)sssd(8) puts the Realm and the name or IP address of the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively.
When sssd_krb5_locator_plugin is called by the kerberos libraries it reads and evaluates these variables and returns them to the libraries.
NOTES
Not all Kerberos implementations support the use of plugins. If sssd_krb5_locator_plugin is not available on your system you have to edit
/etc/krb5.conf to reflect your Kerberos setup.
If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value debug messages will be sent to stderr.
SEE ALSO sssd-krb5(5), sssd.conf(5), sssd(8)AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd
SSSD 03/04/2013 SSSD_KRB5_LOCATOR_PL(8)