[Samba] Group membership not updating on one DC only

Rowland penny rpenny at samba.org
Wed Feb 24 21:42:36 UTC 2021

On 24/02/2021 21:20, Christian via samba wrote:
>> Why do you need to know what groups a user is a member of ?
> Match group admin-group
>   AllowUsers *
> Match group remotessh
>   AllowUsers *
> in /etc/ssh/sshd_config comes to mind... Thanks,

That is a valid reason, well it would be except for the fact that 
disabled users can still login via SSH.

I wonder if you could use kerberos instead of keys along with the groups 
? Never tried it, just thinking out loud.


More information about the samba mailing list