[CentOS] ldap host attribute is ignored

Tue May 5 13:20:54 UTC 2015
Ulrich Hiller <hiller at mpia-hd.mpg.de>

Hi,

'pam_check_host_attr yes' is in /etc/openldap/ldap.conf. /etc/ldap.conf
is a softlink to that file.

But still the host attribute is ignored.

With kind regards, ulrich


On 05/05/2015 12:32 PM, Ashish Yadav wrote:
> Hi,
> 
> On Tue, May 5, 2015 at 3:32 PM, Ulrich Hiller <hiller at mpia-hd.mpg.de> wrote:
> 
>> Dear list members,
>>
>> i have installed a CentOS 7 x86_64 system. I want to let users
>> authenticate over our ldap server. This seems to be working.
>> ldap-username and ldap-passwords are accepted for the users configured
>> in the ldap server. No problem.
>>
>> Now i want to restrict the access to users who have my centos-machine in
>> their ldap host attribute.
>>
>> My problem is, that this host attribute seems to be ignored. Any ldap
>> user, independent from the host attribute, still can login in.
>>
>> What could be the reason? (googling around did not lead me to a solution).
>>
>>
> Try to set 'pam_check_host_attr yes' in /etc/ldap.conf .
> 
> --Regards
> Ashishkumar S. Yadav
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 
>