[Samba] Group membership updates

Jeremy Allison jra at samba.org
Fri Feb 17 13:26:25 MST 2012


On Thu, Feb 16, 2012 at 10:38:05AM +0100, Luis Marqueta wrote:
> Hi, list.
> 
> I'm running samba-3.5.4 + winbind on a RHEL 5 server. I'm trying to
> allow ssh logins to users in a particular Active Directory group in the
> TESTDOMAIN domain.
> 
> My problem is that group membership seems to be updated when the user
> logs in. So, if a remove a user from the allowed group, the first login
> attempt is successful.

Hmmmm. I see. Is this a generic pam issue ? Doesn't pam get the group
list for the user after a successful authentication (would seem like no
sense doing it before) ?

Jeremy.


More information about the samba mailing list