LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Debian, Winbind: how to limit user login (http://www.linuxquestions.org/questions/linux-networking-3/debian-winbind-how-to-limit-user-login-33455/)

franz130175 10-22-2002 12:44 PM

Debian, Winbind: how to limit user login
 
Hi everybody,
Im'using a Debian 2.4.19 server with Samba and Winbind joined to a Windows 2000 domain.
Authentication and home directory works fine, but I would like to know if there is some way to select which users in the domain can access this server (in the domain there are >600 users and only 150 of them should be able to login).

By now everyone can access the server and this is not really what I wanted to do.

Is there a way of doing it with a domain group management or something like that? :confused:

Thank you!

Francesco

Touchstone 10-25-2002 01:49 PM

I had the same concerns but I installed Access Controll Lists and Extended Attributes to tighten my security more.

You can find out more at
acl.bestbits.at

It doesn't stop people from logging in but you can restrict any file access to specific groups that way.

Hope this helps a bit anyway.

yanqian 01-20-2013 01:00 PM

This is a old post.

In case someone like me find this post after searching in the internet, here is the answer in modern days, it works on both debian and RHEL\CentOS.

/etc/security/pam_winbind.conf

To restrict access to uers in specified groups, add this line require_membership_of = [SID],[SID],[SID]

Replace the [SID] with the proper AD User, or Group, SID. You can find out what users/groups are assigned which SIDs, with this command. wbinfo -n [NAME]

reference:
http://unix.stackexchange.com/questi...s-5-allow-only


All times are GMT -5. The time now is 11:01 PM.