I have the following situation. FreeBSD machine is a member of Active Directory, and we have in /etc/pam.d/sshd:
auth sufficient /usr/local/lib/pam_winbind.so auth required pam_unix.so no_warn try_first_pass account required pam_login_access.so account required pam_unix.so broken_shadow account sufficient /usr/local/lib/pam_winbind.so debug account required pam_permit.so session required /usr/local/lib/pam_mkhomedir.so password sufficient /usr/local/lib/pam_winbind.so use_authok debug password required pam_unix.so no_warn try_first_pass So, users from AD domain have access to the server throw ssh. Is there some pam module for FreeBSD (as pam_succeed_if.so in Linux) to control Windows groups that have access to the server? Or maybe there is other way to grant permission to login to BSD system only for some groups? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"