Unix doesn't really work that way but maybe you make your special ldap user password script check if the user is in LDAP: if they are, do LDAP password, if they are not, wrap around Unix password.
Easier lazy solution is to have a passwd-ldap and a passwd-unix command, then replace passwd with a little script that tells the user to invoke the appropriate command. -danny On Thu, Oct 20, 2016 at 9:15 AM, Bernard Fay <[email protected]> wrote: > Hi, > > I would like to able to disable some Linux commands for LDAP users. One of > those commands is passwd. Because of some specific needs, when the LDAP > users have to change their password a special script has been created for > this purpose. They MUST not use passwd but this command is still required > by local users. > > Does one of you might have an idea to disable Linux commands for LDAP > users only? > > Thanks, > Bernard > > -- http://dannyman.toldme.com
