On 06/17/2011 12:28 PM, John McNulty wrote: > Hi. > > I have some shares on a server that are offered to specific Active Directory > user groups, but the business doesn't want those users to be able to login > to the server. If I were to add "require_membership_of" to pam_winbind to > limit logins and shut out the users I don't want, would it also have the > side effect of denying those users access to the shares as well?
From: John McNulty <johnm...@gmail.com> Date: Mon, 20 Jun 2011 10:50:45 +0100 > The user accounts exist in Active Directory and we're using the rfc2307 > schema. So the shell is set in AD. I cannot change the shell to /bin/false > or that would affect all the other servers they login to. I see. You may manage local login with the facility of PAM, for example pam_access, pam_listfile or others... --- TAKAHASHI Motonobu <mo...@monyo.com> / @damemonyo http://damedame.monyo.com/ / http://facebook.com/monyot -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba