[Samba] require_membership_of is ignored
John P Arends
jarends at northwestern.edu
Thu Jan 24 14:45:13 MST 2013
I have a RHEL 6.3 machine successfully bound to AD using winbind, and commands like wbinfo -u and wbinfo -g output the users and groups. I can also log in as any AD user.
The problem is, I can log on as any AD user.
require_membership_of is being ignored. I can put in a valid group with no spaces in the name, a group by SID, and either way, everyone can log in.
I've put this option in both /etc/pam.d/system-auth and /etc/security/pam_winbind.conf and any user can log in.
Any suggestions, or advice on how I can better troubleshoot this? I'm not seeing anything in the logs that is helpful, but I may not be looking in the right place.
I've asked a few other people who have told me "oh, that never works" but I can't imagine that is the case.
Running 3.5.10-125.el6 by the way..
Senior Systems Engineer
School of Communication
More information about the samba