authorized services
This commit is contained in:
parent
0f39ef3ba7
commit
7e8b4679cd
|
@ -1854,6 +1854,34 @@ Have fun!
|
|||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Authorized services</title>
|
||||
|
||||
<para>You can setup PAM to check if a user is allowed to run a
|
||||
specific service (e.g. sshd) by reading the LDAP attribute
|
||||
"authorizedService". This way you can manage all allowed services via
|
||||
LAM.</para>
|
||||
|
||||
<para></para>
|
||||
|
||||
<para>To activate this PAM feature please setup your <emphasis
|
||||
role="bold">/etc/libnss-ldap.conf</emphasis> and set
|
||||
"pam_check_service_attr" to "yes".</para>
|
||||
|
||||
<para></para>
|
||||
|
||||
<para>Inside LAM you can now set the allowed services. You may also
|
||||
setup default services in your account profiles.</para>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/mod_authorizedServices.png" />
|
||||
</imageobject>
|
||||
</mediaobject>
|
||||
</screenshot>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>IMAP mailboxes</title>
|
||||
|
||||
|
@ -3714,6 +3742,24 @@ Have fun!
|
|||
Pro.</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
<imagedata fileref="images/schema_authorizedServices.png" />
|
||||
</imageobject>
|
||||
</inlinemediaobject></entry>
|
||||
|
||||
<entry>Authorized services</entry>
|
||||
|
||||
<entry>authorizedServiceObject</entry>
|
||||
|
||||
<entry>ldapns.schema</entry>
|
||||
|
||||
<entry>Part of libpam-ldap installation</entry>
|
||||
|
||||
<entry></entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><inlinemediaobject>
|
||||
<imageobject>
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 31 KiB |
Binary file not shown.
After Width: | Height: | Size: 3.4 KiB |
Loading…
Reference in New Issue