I use pam_require.so to limit access to services via pam. Here is how
I limit access to my pure-ftpd server to a specific group (GLFTPAccess).
You can also limit access to specific users, like I did with the user
root.
auth sufficient pam_winbind.so
auth required pam_unix2.so # set_secrpc
auth required pam_nologin.so
auth required pam_env.so
account required pam_nologin.so
account required pam_require.so root @GLFTPAccess
account sufficient pam_unix2.so
account required pam_winbind.so
password required pam_pwcheck.so
password required pam_unix2.so use_first_pass use_authtok
session required pam_unix2.so none # trace or debug
session required pam_mkhomedir.so
session required pam_limits.so
Hope that helps !!!
Josh
-----Original Message-----
From: samba-bounces+samba=guidemail.com@lists.samba.org
[mailto:samba-bounces+samba=guidemail.com@lists.samba.org] On Behalf Of
Rex Dieter
Posted At: Wednesday, May 18, 2005 3:52 PM
Posted To: Samba
Conversation: [Samba] Re: One more
Subject: [Samba] Re: One more
Etienne Goyer wrote:
> Is it possible to make available as Unix user only members of a
> specific Windows group ?
I too would be very interested in this. I don't want/need to give
access to our Linux boxes to *every* AD user.
-- Rex
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba