Hi, > Then set the user to nologin > Here is the problem the user is from a LDAP server dont fick there is no > easy way to block this :-)
Well, to block any login, it should be enough to touch /etc/nologin. If you only want to block specific users, than I would usually chsh their login shell to /bin/nologin. But if you can't alter the values you get from the LDAP server, you might need something else. Take a look on man 8 pam_time and man 5 time.conf, these are pam mpdules designed exactly for what you want to do. Unfortunately the syntax of time.conf is confunsing the hell out of me, so if you get the same feeling about the syntax, you should definitely learn the syntax on a testing system before you apply it to the server. You then have to add the time module to the pam.conf file, so it takes effect. Examples in the man 8 pam_time page. (Just one pitfall I got while searching for this: use man 7 pam or man PAM to get the manpage for the pluggable authentication module. Some manpages are wrong, they say it is located at man 8 pam, but it isn't.) Greetings, Mika Pflüger -- edubuntu-users mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
