[Samba] locking down ssh when using winbind
Luv Linux
luvlinux2009 at gmail.com
Wed Sep 16 17:13:54 MDT 2009
Hi all,
I'm using samba with winbind which has been integrated with Active
Directory.
In the smb.conf file, I have
template shell = /bin/bash
winbind use default domain = yes
to allow ssh but I don't want all the domain users to be able to ssh.
Is there a way to only allow for example) domain\ssh_group which is an
active directory group to be able to ssh into the server?
This is my current pam.d/sshd file:
auth required pam_nologin.so
auth sufficient pam_stack.so service=system-auth
auth sufficient pam_winbind.so
account sufficient pam_stack.so service=system-auth
account sufficient pam_winbind.so
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_loginuid.so
More information about the samba
mailing list