Rechercher

5.5. Configuring simple Access Provider Rules

download PDF

The simple access provider allows or denies access based on a list of user names or groups. It enables you to restrict access to specific machines.

For example, you can use the simple access provider to restrict access to a specific user or group. Other users or groups will not be allowed to log in even if they authenticate successfully against the configured authentication provider.

Conditions préalables

  • root access

Procédure

  1. Open the /etc/sssd/sssd.conf file.
  2. Set the access_provider option to simple:

    [domain/your-domain-name]
    access_provider = simple
  3. Define the access control rules for users.

    1. To allow access to users, use the simple_allow_users option.
    2. To deny access to users, use the simple_deny_users option.

      Important

      If you deny access to specific users, you automatically allow access to everyone else. Allowing access to specific users is considered safer than denying.

  4. Define the access control rules for groups. Choose one of the following:

    1. To allow access to groups, use the simple_allow_groups option.
    2. To deny access to groups, use the simple_deny_groups option.

      Important

      If you deny access to specific groups, you automatically allow access to everyone else. Allowing access to specific groups is considered safer than denying.

      Exemple 5.3. Allowing access to specific users and groups

      The following example allows access to user1, user2, and members of group1, while denying access to all other users:

      [domain/your-domain-name]
      access_provider = simple
      simple_allow_users = user1, user2
      simple_allow_groups = group1
Important

Keeping the deny list empty can lead to allowing access to everyone.

Ressources supplémentaires

  • The sssd-simple5 man page
Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.