On Sun, 2013-09-01 at 09:56 +0200, steve wrote: > On Thu, 2013-08-22 at 11:49 +0000, Jason Caylor wrote: > > Okay, so I have an Active Directory server running on Windows Server 2012 > > Standard > > I have configured Samba/Kerberos/Winbind on Ubuntu 13.04 to bind to the DC > > properly. > > I am able to login with my Active Directory users credentials. > > When I use the 'require_membership_of' option in pam.d/common-auth for > > winbind.so using the SID of the group I want to restrict access to, it > > works like a charm. > > Hi > Say the group with that SID is mygroup. > Does: > getent group mygroup > return a gidNumber? If so, then: > > Put only the users you want. Then common-account: > account required pam_succeed_if.so user ingroup mygroup > > man pam_succeed_if > > BTW, I'd strongly advise changing to the ad backend. > HTH > Steve > > Hi Sorry, I'm not answering the question. These are not fixes, rather 'something else to try', things.
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba