2 Replies Latest reply: Aug 23, 2012 8:56 AM by 957333 RSS

    Restrict which client machines that users can log into.

      What is the preferred method to restrict which machines that a particular user can log into? For example:

      I have DS instance running and as of now, ANY user in LDAP can log into ANY machine that is configured as a client. I have seen methods online that make use of the "host" attribute, but that was used with OpenLDAP and required a schema that is not standard. Ideally, I would like to use something like host attribute values that contain a host name. That is, a user can only log into a client (devserver, for example) IF that user has a host attribute with a value of "devserver"

      If someone could point me in the right direction, I would appreciate it.

      Bryan Moorehead
      Solaris Administrator