Hi Покотиленко, * Покотиленко Костик <[EMAIL PROTECTED]> * 2008-02-01 14:07: > Man'ы читать надо, блин. Есть такая конструкция, которую можно > использовать в /etc/pam.d/*: > > account required pam_ldap.so config=/etc/pam_ldap_<имя сервиса>.conf > > Так даже красиво.
Кажется есть еще красивее (я не пробовал, у меня libnss_ldap) /etc/pam_ldap.conf # Check the 'host' attribute for access control # Default is no; if set to yes, and user has no # value for the host attribute, and pam_ldap is # configured for account management (authorization) # then the user will not be allowed to login. #pam_check_host_attr yes # Check the 'authorizedService' attribute for access # control # Default is no; if set to yes, and the user has no # value for the authorizedService attribute, and # pam_ldap is configured for account management # (authorization) then the user will not be allowed # to login. #pam_check_service_attr yes -- Best regards, Sergey Chumakov 2:450/77[.43] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]