[Samba] restrict ssh login by Win2K AD group

Cleber P. de Souza cleberps at gmail.com
Sat Sep 16 13:10:23 GMT 2006


Yes,
As AD groups are mapped into your linux box and you can list this
group with getent passwd, you can define the AllowGroups into your
sshd_conf specifying your developers group.


On 9/15/06, Matt Herzog <msh at blisses.org> wrote:
> Hello again.
>
> I'm hoping there is some way I can restrict ssh login through the AD to my
> Linux servers. I only have one group of users on the domain that needs ssh access.
>
> So far I see lots of ways to add or map or join Linux to Windows groups but
> I would rather be able to say:
>
> "no" to all AD users and groups
>
> and
>
> "yes" to all users in the specific AD group named "developers"
>
> Is there some way to specify just one AD valid group for ssh access?
>
> Thanks.
>
> -- Matt
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>


-- 
***
Cleber P. de Souza


More information about the samba mailing list