At 02:19 PM 9/19/2006, Matt Herzog wrote:
It is that simple. Of course I'd like to have more than one group be able to
login so I'll dig into that presently.
Create an AD group specifically for restricting ssh access -- "ssh
access" or some such name.
Then add the multiple AD groups to this group. Winbind should do
the magic beyond this point.
Adjust your pam_succeed_if.so line for this new gid once it
propagates through winbind, and you should be all set...
Cheers,
-D
Don Meyer <[EMAIL PROTECTED]>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services
"They that can give up essential liberty to obtain a little
temporary safety,
deserve neither liberty or safety." -- Benjamin Franklin, 1759
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
