I have the following situation. FreeBSD machine is a member of Active 
Directory, and we have in

auth            sufficient      /usr/local/lib/pam_winbind.so
auth            required        pam_unix.so no_warn try_first_pass

account         required        pam_login_access.so
account         required        pam_unix.so broken_shadow
account         sufficient      /usr/local/lib/pam_winbind.so debug
account         required        pam_permit.so

session         required        /usr/local/lib/pam_mkhomedir.so

password        sufficient      /usr/local/lib/pam_winbind.so use_authok debug
password        required        pam_unix.so             no_warn try_first_pass

So, users from AD domain have access to the server throw ssh. Is there some pam 
module for FreeBSD (as pam_succeed_if.so in Linux) 
to control Windows groups that have access to the server? Or maybe there is 
other way to grant permission to login to BSD system only for some groups? 
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to