I'm working on a way to use MS Active Directory for authentication in our linux environment (we are predominantly a Windows shop).
I've configured a test linux box to successfully authenticate to our AD environment. To do this I used the process outlined in this article:
This works great - I am able to sign on to this linux box using an AD account.
The next thing I would like to do is to be able to use AD groups in Linux config files. For example, I'd like to limit SSH logons to only certain AD groups. I've tried adding an AD group to /etc/ssh/sshd_config, but this doesn't seem to work. I've tried adding the group in the domain\group format as well as group@domain format. I'd also like to use AD groups in the sudoers file.
A. Is it possible?
B. If so, how can I do this?