On 6/6/06, Igor Sutton <[EMAIL PROTECTED]> wrote: > You can write a PAM module that does these kind of authorization, by > grouping your servers e.g. serverA, serverB and serverC only allows users > having memberOf oracleDBA. It works here in the company I work for, and can > suit yours too. I think this approach is nice because you can centralize all > administration to one write server, and then replicate to your slave > servers. > > Just one more idea :)
True! But not to beat a dead horse, you can also use netgroups in ldap with pam_access to do this, no coding needed! David _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org http://cfengine.org/mailman/listinfo/help-cfengine
