similar to: Authorizing login per station

Hi, I've stumbled upon this problem while trying to limit access to specific machine to specific domain users. I did it by setting Samba to obey PAM restrictions, and then using the pam_access PAM module ('account' clause) to do user validation (described below). On Win2000, this works fine - if an unauthorized user tries to login, Win2000 says 'Account not permitted to

Hi all, let me describe my environment and problem. System is RHEL 5.6 with latest stable OpenSSH. In sshd_config is defined "AllowGroups sshusers" but I need limitation to some of users in group to have access only from defined IP address. As I know this can be setup in sshd_config only for AllowUsers, but users in group are changed so I must use allowgroups instead of allowusers.

Hello, we're upgrading from Centos 5.8 to Centos 6.3 and have realized few things have changed in the system. We're using LDAP authentication (nss_ldap package) on our Centos 5.8 servers and have different PAM ldap configuration files configured to be used for specific PAM services. Here is the example of our setup: /etc/pam.d/service1: auth sufficient pam_ldap.so

mainly question for the intel folks, any chance to rerun the ltp testsuites to see how we are doing these days with all the changes ? thanks :) Wim

Hi, I am having a strange problem, where I cannot get pam_access to work as intended. I have placed the following line in /etc/pam.d/system-auth account required /lib/security/pam_access.so Then, in /etc/security/access.conf, I have put the following line: -:mok:10.14.44.104 I.e. I should prevent myself from logging on from host 10.14.44.104. However, when I try to log on (using

Hi When I enable a box to do authentication using LDAP it breaks cron for users like jboss. I get the following in /var/log/secure Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron' I have the following in /etc/ldap.conf nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss

http://bugzilla.mindrot.org/show_bug.cgi?id=732 ------- Additional Comments From dtucker at zip.com.au 2003-12-22 21:40 ------- Which PAM modules do you have in your sshd PAM stack? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

This filter caches the last result of the extents() call and offers a nice speed-up for clients that only support req_one=1 in combination with plugins like vddk, which has no overhead for returning information for multiple extents in one call, but that call is very time-consuming. Quick test showed that on a fast connection and a sparsely allocated 16G disk with a OS installed `qemu-img map`

hi, i'm using suse 7.3 with samba 2.2.8 as PDC and openldap for authentification in network with wfw-, winnt-, w2k-clients. everything works fine. because not every client has the same configuration (same progs, same path's, hardware...), i got problems, if a user dosn't login from his ordinary workstation, his roaming-profile doesn't work fine. now, how can i force users only

Hi folks, I want to restrict root access via ssh to certain (internal) hosts. That is what pam_access.so is for, I thought, so I configured: in /etc/security/access.conf I added (nothing in there before): + : root : 192.168.123.0/24 10.72.0.0/16 - : root : ALL in /etc/pam.d/ssh I added at the end: account required pam_access.so Then I restarted the ssh server. Basically, this kinda works.

I just realised that pam_access no longer works under CentOS6 - or it works differently from CentOS5. Under CentOS5, I used this configuration to restrict access to root only: # cat /etc/security/access.conf + : root : ALL - : ALL : ALL # cat /etc/pam.d/system-auth-ac ... account required pam_access.so account required pam_unix.so account sufficient pam_localuser.so

Hello, according to the bug 976750 (https://bugzilla.redhat.com/show_bug.cgi?id=976750) problem with repeating error messages: [2013-11-13 17:16:11.888894] E [socket.c:2788:socket_connect] 0-management: connection attempt failed (Connection refused) in case when nfs is disabled on all volumes was suppose to be solved in 3.4.1. We're using the version glusterfs-server-3.4.1-3.el6.x86_64

Having a difficult problem getting my pam_access.so module enforced on a 3.0.22 version of Samba. Here is my /etc/pam.d/samba file: auth required pam_winbind.so debug account required pam_access.so account sufficient pam_winbind.so debug account include system-auth session include system-auth session required pam_winbind.so debug My

Hi, I have a Debian Stretch system running a self-compiled version 4.7.3 of Samba. Having followed the Samba WiKi to allow AD users to log onto the servers using PAM authentication, I now want to restrict access to specified group(s). So I created a linuxadmins group and made some test users members of the group. Initially I tried to restrict access by modifying /etc/security/access.conf

Hi All, Does anyone know of a way to dial two different outbound numbers and bridge them together using the Asterisk API? Cheers, Taff. --------------------------------- ALL-NEW Yahoo! Messenger - all new features - even more fun! -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi, I believe I have significantly improved [dpq]wilcox functions by implementing Harding's algorithm: Harding, E.F. (1984): An Efficient, Minimal-storage Procedure for Calculating the Mann-Whitney U, Generalized U and Similar Distributions, App. Statist., 33, 1-6 Results on my computer show (against R-2.9.1): > system.time( dwilcox( 800, 800, 80) ) user system elapsed 0.240

Hi, I have been doing various testing with asterisk and its been going great. However I am a bit feedup of using vi for editing configs, and would rather do it from any machine on my LAN. I am running debian and * via xorcom rapid on a test PC at the minute. Hence phpconfig would be great, however I am having difficulty getting it to work. I have searched the message boards and the wiki, and

@Work requires me to manipulate the MS Access database (mdb) file located on an XP box that is an integral part of a third party application that is central to the business. Does anyone have experience doing so? I have used odbtp in the recent past but it is extremely difficult to set up on the linux box as I learned when I recently upgraded from CentOS 4.x to 5.x. Is there another way to get

Hi. I have some shares on a server that are offered to specific Active Directory user groups, but the business doesn't want those users to be able to login to the server. If I were to add "require_membership_of" to pam_winbind to limit logins and shut out the users I don't want, would it also have the side effect of denying those users access to the shares as well? Regards,

I would like to use icecast and liveice as my normal account. If I do so, using xmms, I can access the relayed radios I have defined, but I cannot listen th the playlist liveice is broadcasting on /disk. XMMS tells me that the specified stream could not be found. If I launch icecast as root however, it works fine. I've searched through the logs and checked the file permissions but I