Hi guys. I'm trying to restric some user to login to some server, googling around I found that some things can be donde with the host attribute, this is what I got.
A user with host attribute and and a FQDN server on it server.comap.com , the pam_check_host_attr set to yes in the client configuration ( pam_ldap.conf / ldap.conf ), If I understand well the user can now login to that server, in my tests I can confirm that, what I notice is that the user can loging to all the other servers in the farm whaterver I set to the host attribute I read this article as a reference: thornelabs dot net /documentation/2013/02/01/linux-restrict-server-login-via-ldap-hostobject-objectclass-and-host-attribute.html Please, can someone shed some light on this or clarify what I'm trying to to is correct or wrong? Thanks for your time and support Regards
