Hi,
Dne 1.4.2015 v 07:09 Prashant Bapat napsal(a):
Hi ,
Is there a way of making the nsAccountLock attribute (User
enable/disable) to be anonymously readable ?
I'm trying to implement a SSH key lookup sshd authorized key command
script. Based on this attribute the user will be allowed to login. I
need this to be anonymously readable.
Tried setting the permissions but it does not work.
Any other ideas on this ?
If your SSH server is a properly configured IPA host (i.e. you had run
ipa-client-install or ipa-server-install on it), rejecting locked user
login should work automatically, without having to configure anything.
Thanks for your help.
--Prashant
--
Jan Cholasta
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
