Re: [Samba] Restricting logins using pam_winbind require_membership_of ?

2011-06-22 Thread John McNulty
pam_access actually worked very well and is the most powerful / flexible of all the choices, so that's the one I'm going with. Thanks to everyone who replied. John On 20 June 2011 18:35, TAKAHASHI Motonobu wrote: > On 06/17/2011 12:28 PM, John McNulty wrote: > > Hi. > > > > I have some shares

Re: [Samba] Restricting logins using pam_winbind require_membership_of ?

2011-06-20 Thread TAKAHASHI Motonobu
On 06/17/2011 12:28 PM, John McNulty wrote: > Hi. > > I have some shares on a server that are offered to specific Active Directory > user groups, but the business doesn't want those users to be able to login > to the server. If I were to add "require_membership_of" to pam_winbind to > limit login

Re: [Samba] Restricting logins using pam_winbind require_membership_of ?

2011-06-18 Thread TAKAHASHI Motonobu
From: John McNulty Date: Sat, 18 Jun 2011 15:14:07 +0100 > Ah, maybe I'm not being clear enough. I want the AD users to be able to > access the shares, but not ssh login to the system, which they can > currently. How have you configured around winbind? By default, the shell for users created b

Re: [Samba] Restricting logins using pam_winbind require_membership_of ?

2011-06-18 Thread John McNulty
Ah, maybe I'm not being clear enough. I want the AD users to be able to access the shares, but not ssh login to the system, which they can currently. I'm wondering if this is a method I can use to achieve that end, as an alternative to using AllowUsers/AllowGroups in sshd_config or using pam_list

Re: [Samba] Restricting logins using pam_winbind require_membership_of ?

2011-06-18 Thread Christ Schlacta
On 6/17/2011 09:46, Aaron E. wrote: In the samba share definition you could add valid users = +group this should have the effect your looking for if I understand you correctly. If not my apologies.. On 06/17/2011 12:28 PM, John McNulty wrote: Hi. I have some shares on a server that are offe

Re: [Samba] Restricting logins using pam_winbind require_membership_of ?

2011-06-17 Thread Aaron E.
In the samba share definition you could add valid users = +group this should have the effect your looking for if I understand you correctly. If not my apologies.. On 06/17/2011 12:28 PM, John McNulty wrote: Hi. I have some shares on a server that are offered to specific Active Directory user

[Samba] Restricting logins using pam_winbind require_membership_of ?

2011-06-17 Thread John McNulty
Hi. I have some shares on a server that are offered to specific Active Directory user groups, but the business doesn't want those users to be able to login to the server. If I were to add "require_membership_of" to pam_winbind to limit logins and shut out the users I don't want, would it also ha