Reese,Richard Stephen wrote:
> I'm trying to allow a specific group in our Active Directory Domain to
> ssh into a server (openssh-server-3.9p1-8.RHEL4.12) we have. If the line
> is commented out then it works fine, but any user in our domain may
> login if they have a account on the system. When the directive is
> uncommented to become active no user can login.
> I can view users and groups using wbinfo -u or -g. Any recommendations?

Have you configured /etc/nsswitch.conf to look up active directory
groups (presumably via nss_ldap)?

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.