Changes between Version 37 and Version 38 of Internal/LoginService
- Timestamp:
- Mar 9, 2012, 4:35:00 PM (12 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Internal/LoginService
v37 v38 81 81 OU admin can only manage accounts for that organization.[[BR]] 82 82 83 Any person that is a member of sysadmin group in LDAP and admin group in login.yaml will be able to use ControlPanel of the ogs_login service to manage ALL accounts[[BR]]83 Any person that is a member of sysadmin group in LDAP and admin group in login.yaml will be able to use !ControlPanel of the ogs_login service to manage ALL accounts[[BR]] 84 84 85 85 … … 259 259 Note: 260 260 There is file /usr/share/omf-aggmgr-5.2/omf-aggmgr/public_html/template/ogs_login/orbit_banner.png, used for user management pages. Replace content of that file to show your logo. 261 === Login service and LDAP === 262 * In LDAP there is a host attribute that is used by pam to check if user is allowed to access the machine. 263 * If that attribute has * in it then user is always allowed access. 264 * If that attribute is matching the FQDN user is also allowed access. 265 * Otherwise the auth contains line saying that host attribute didn't match 266 * For all of this to work it is neccessery that host attribute in ldap.conf is enabled (i.e. uncommented). 267 * Scheduler operates on LDAP host attribute and changes it accroding to the time and schedule for users that don't have * in their host attribute.
