I have a linux machine which authenticate users to ldap, this is working fine. But I would like to limit users that logon to the machines to just the system admins.
The machines hosts different web sites which users accessed from there home directory like http://foo.mdx.ac.uk/~username
At the monent my /etc/ldap.conf has
nss_base_passwd o=mdx?sub?groupMembership=cn=linux_servers,ou=access-grou
ps,ou=UNIX,ou=services,ou=staff,o=mdx
nss_base_shadow o=mdx?sub?groupMembership=cn=linux_servers,ou=access-grou
ps,ou=UNIX,ou=services,ou=staff,o=mdx
nss_base_group ou=group,ou=sun.mdx.ac.uk,ou=nis,ou=services,ou=unix,ou=service
s,ou=staff,o=mdx?one
I would like to limit authentication to cn=linux_admin but if I change the above /etc/ldap.conf to cn=linux_admin users will not be able to get there web site.
Using PAM, how do I limit authentication to all services just to cn=linux_admin, while normal user still be able to access there web site through http://foo.mdx.ac.uk/~username
Thanks 