[Samba] SSH, pam_winbind and cross-forest membership...

Marco Gaiarin gaio at lilliput.linux.it
Sun Mar 6 21:40:58 UTC 2022

In a multidomain/forest environment, seems that on domain members some
cross-forest membership get evaluated by pam_winbind only after a
successful logon.

But if i need (for example) users to logon to a server via SSH if
and only if they are members of a particular cross-forest group
(eg using AllowGroups in sshd_config)?

How can i solve this 'bootstrap' problem?


  In amore ci vuole fortuna, ma anche un bel culo non guasta.
							(Fabio Fazio)

More information about the samba mailing list