Restricting logins in a NIS environment, without removing NIS! |
|
| UNIX/Linux Forum Archives · Rules and Guidelines · Disclaimer |
 Help
 Search
 Members
 Calendar
|
| Welcome Guest ( Log In | Register ) | Resend Validation Email |
   |
Restricting logins in a NIS environment, without removing NIS!| fishsponge |
Posted: Jun 8 2005, 09:09 AM
|
|
Administrator  Group: Admin Posts: 679 Member No.: 1 Joined: 13-February 03  |
We have a NIS environment here, and all linux machines look at the same NIS server.
Our NIS Server, however, is also our DNS Server, and Intranet server, and Sun GridEngine master, and a few other things, and the problem is that users are perfectly able to log into this machine as if it was just another linux box. We therefore need to restrict people from logging into certain machines on our network, but the same machines need to remain in NIS for those users we want to allow. Do you know if this can be done? If so, how? Thanks in advance! :D |
      
|
| fishsponge |
Posted: Jun 9 2005, 01:52 PM
|
||||
|
Administrator Group: Admin Posts: 679 Member No.: 1 Joined: 13-February 03 |
ok, an update... i now have a working solution, but unfortunately it blocks IMAP logins even though i have allowed the user with which i log into IMAP as! I am using the pam_access module under RedHat 8.0, and here are the contents of the relevant files:
This has the effect of banning root from logging in from anywhere except LOCAL and 192.168.0.2, and it bans everyone else (apart from 'monitoring', 'rhobbs' and 'nbaker') from logging in from anywhere except LOCAL. However, when i make this change imapd stops accepting logins as user "monitoring". I haven't tested the other users, but i guess they won't work either. Do you know this is happening? The two files above are the only files i have changed, and changing them back to normal solves the problem. Thanks again to anyone who can help :D |
||||
|
|
 |
|