I don't think mod_lookup_identity is what you are looking for, it does not deal with access authorization.
You don't say how your users authenticate, so I'll assume you have that sorted out. In that case, mod_authnz_pam might be the way to go. You mention you use SSSD, so configuring just account required pam_sss.so (without the auth module) should delegate the authorization to SSSD. Jan (not subscribed to the mailing list, replying via WebUI) _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
