Samba winbind authentication for login and sudo

paul.a.bolton at paul.a.bolton at
Fri Aug 28 15:19:21 UTC 2015

> -----Original Message-----
> From: Volker Lendecke [mailto:Volker.Lendecke at SerNet.DE]
> On Fri, Aug 28, 2015 at 12:28:51PM +0000, paul.a.bolton at wrote:
> >
> > The key one I'm looking at now is being able to authenticate the user
> > via winbind using non-Unix enabled groups, both for login and for 'sudo'
> > commands yet still map the user's profile to an rfc2307 compliant (and
> > consistent) mapping of UIDs and GIDs for those groups that are so
> pam_winbind has the require_membership_of option using which you can
> restrict successful login to a list of SIDs. Only if a user is member in
one of
> those groups pam login will succeed. Is that a start for you?

I'm pretty sure that when I tried this it failed unless the group was

> With best regards,
> Volker Lendecke
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9 AG Göttingen, HRB 2816,
> GF: Dr. Johannes Loxen, mailto:kontakt at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 8338 bytes
Desc: not available
URL: <>

More information about the samba-technical mailing list