RE: AllowGroups (SSHD) not working with kerberos or winbind
I have not configured LDAP for this task. I do have winbind configured
though for Samba Authentication. Do I have to setup LDAP also to all
group specification in the SSHD config?=20
From: Darren Tucker [mailto:firstname.lastname@example.org]=20
Sent: Friday, June 02, 2006 10:26 PM
To: Reese,Richard Stephen
Subject: Re: AllowGroups (SSHD) not working with kerberos or winbind
Reese,Richard Stephen wrote:[color=blue]
> I'm trying to allow a specific group in our Active Directory Domain to[/color]
> ssh into a server (openssh-server-3.9p1-8.RHEL4.12) we have. If the=20
> line is commented out then it works fine, but any user in our domain=20
> may login if they have a account on the system. When the directive is=20
> uncommented to become active no user can login.
> I can view users and groups using wbinfo -u or -g. Any[/color]
Have you configured /etc/nsswitch.conf to look up active directory
groups (presumably via nss_ldap)?
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.