svn commit: samba-docs r328 - in trunk/manpages: .
Andrew Bartlett
abartlet at samba.org
Thu Jan 20 22:39:59 GMT 2005
On Thu, 2005-01-20 at 22:28 +0000, gd at samba.org wrote:
> Author: gd
> Date: 2005-01-20 22:28:27 +0000 (Thu, 20 Jan 2005)
> New Revision: 328
>
> WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=328
>
> Log:
> Start documenting pam_winbind's options. Maybe someone more fluent in
> english can look over it...
> + <varlistentry>
> + <term>require_membership_of=[SID or NAME]</term>
> + <listitem><para>
> + If this option is set, pam_winbind will only succeed if the
> + user is a member of the given SID or NAME. A SID can be either a group-SID, a
> + alias-SID or even a user-SID. It is also possible to give a NAME instead of the
> + SID. That name must have the form: <parameter>MYDOMAIN\mygroup</parameter> or
> + <parameter>MYDOMAIN\myuser</parameter>. pam_winbind will, in that case, lookup
> + the SID internally. You can verify the list of SIDs a user is a member of with
> + wbinfo --user-sids=SID.
> + </para></listitem>
> + </varlistentry>
Just watch out that PAM does not allow us to have spaces in options, and
even quotes are ignored. That means that for practical purposes, that
option parameter must be a SID.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050121/ff4264b1/attachment.bin
More information about the samba-technical
mailing list