Hi, 'pam_check_host_attr yes' is in /etc/openldap/ldap.conf. /etc/ldap.conf is a softlink to that file. But still the host attribute is ignored. With kind regards, ulrich On 05/05/2015 12:32 PM, Ashish Yadav wrote: > Hi, > > On Tue, May 5, 2015 at 3:32 PM, Ulrich Hiller <hiller at mpia-hd.mpg.de> wrote: > >> Dear list members, >> >> i have installed a CentOS 7 x86_64 system. I want to let users >> authenticate over our ldap server. This seems to be working. >> ldap-username and ldap-passwords are accepted for the users configured >> in the ldap server. No problem. >> >> Now i want to restrict the access to users who have my centos-machine in >> their ldap host attribute. >> >> My problem is, that this host attribute seems to be ignored. Any ldap >> user, independent from the host attribute, still can login in. >> >> What could be the reason? (googling around did not lead me to a solution). >> >> > Try to set 'pam_check_host_attr yes' in /etc/ldap.conf . > > --Regards > Ashishkumar S. Yadav > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > >