zstar69, 23rd November 2012, 19:47
OpenLDAP with host based Access Control?

Hey there, running slapd on CentOS 6.3 over StartTLS. Works great, users can log in to their LDAP accounts through terminal and through the GUI. Awesome.

Next thing I was asked to do was to restrict certain users/groups to be able to access certain services.

For example:

I want anyone in the IT group to be able to SSH to any of our servers.
I want anyone in the Agents group to be denied access to SSH anywhere.

And another example,

I want everyone in the ServiceDesk group to be able to access any FTP server but nobody else.

I have been following this guide for SSH:

http://www.cyberciti.biz/tips/linux-...hd-server.html

No matter what, I am always able to log in with those users.

Am I possibly not reading the right information? Is this even possible?

Is there maybe a way I can do this by hosts?

For example: anyone in the Agents group cannot connect to 192.168.5.5 on port 22? Or, better yet, anyone in the Agents group cannot connect to 192.168.5.0/24 port 22?

192.168.5.0 is our server network. Agents rest on the 192.168.2.0 (office network). We can create firewall rules to deny access from office -> server, but when my lead requested this from me I assumed he was looking for something more than just firewall rules.

Anyone else able to help out with this?