Kwan,<br><br>Is it worthy to follow <a href="http://www.redhat.com/f/pdf/rhas/NetgroupWhitepaper.pdf">http://www.redhat.com/f/pdf/rhas/NetgroupWhitepaper.pdf</a> kind of setup?<br><br>Regarding your point:<br><br>Create Host Based access  <br>
<br>
    1. Add the 61ldapns.ldif file to /etc/dirsrv/instancename/schema =&gt; Done<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">2.Edit /etc/ldap.conf and enable pam_check_host_attr =&gt; Done<br>
</blockquote><div>    3.Go to the management console, then:<br>
    From the Account Listing =&gt;<b> Where is this option?</b><br>
    Select Field in ObjectClass<br>
    Add Value<br>
    Select HostObject<br>
    Select Add Attribute<br>
    Select Host<br>
    Enter first host<br>
    Select Host<br>
    Enter Add Value<br>
    Enter second host<br>
    Continue for all hosts<br><br>Does this create the same setup which below mentioned link talks about.<br><br><br>Is it worthy to follow <a href="http://www.redhat.com/f/pdf/rhas/NetgroupWhitepaper.pdf">http://www.redhat.com/f/pdf/rhas/NetgroupWhitepaper.pdf</a> kind of setup?<br>
Does it resemble your required setup?<br> </div><br><br><div class="gmail_quote">On Wed, Jan 13, 2010 at 12:08 AM, Kwan Lowe <span dir="ltr">&lt;<a href="mailto:kwan.lowe@gmail.com">kwan.lowe@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">2010/1/12 Ajeet S Raina &lt;<a href="mailto:ajeetraina@gmail.com">ajeetraina@gmail.com</a>&gt;:<br>

<div class="im">&gt;<br>
<br>
&gt; Say I have a 389 Client Machine 10.209.33.77<br>
&gt; Now if I add this hostname<br>
&gt; So that user can only access this Host and not the other Right?<br>
&gt;<br>
&gt; Pls clarify.How can I stop a particular user to access only that machine?<br>
<br>
</div>This is how I did it:<br>
<br>
Create Host Based access<br>
    Add the 61ldapns.ldif file to /etc/dirsrv/instancename/schema<br>
    edit /etc/ldap.conf and enable pam_check_host_attr<br>
<br>
Go to the management console, then:<br>
    From the Account Listing<br>
    Select Field in ObjectClass<br>
    Add Value<br>
    Select HostObject<br>
    Select Add Attribute<br>
    Select Host<br>
    Enter first host<br>
    Select Host<br>
    Enter Add Value<br>
    Enter second host<br>
    Continue for all hosts<br>
<br>
<br>
<a href="https://sites.google.com/site/disciplinux/linux/centralized-authentication" target="_blank">https://sites.google.com/site/disciplinux/linux/centralized-authentication</a><br>
&gt;<br>
<font color="#888888">--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br>
</font></blockquote></div><br><br clear="all"><br>-- <br><br><br> ”It is not possible to rescue everyone who is caught in the Windows quicksand<br>           --Make sure you are on solid Linux ground before trying.”<br><br>
<br>