Web lists-archives.com

Re: [Samba] id <username> - doesnt list all groups




On Tue, 7 Aug 2018 13:15:00 +0200
Micha Ballmann <ballmann@xxxxxxxxxxxxx> wrote:

> Thank for your answer:
> 
> But i dont know understand why is following not working:
> 
> I want to restrict the ssh access for a special domain member:
> 
> In my "sshd_config" i added:
> 
> AllowGroups restrictaccess root
> 
> With user2 im able to login via ssh!
> 
> log: pam_krb5(sshd:auth): user user2 authenticated as
> user2@xxxxxxxxxxx
> 
> With user1 im not!
> 
> log: User user1 from 192.168.0.100 not allowed because none of user's 
> groups are listed in AllowGroups.
> 
> Have a look to my email previously "id user2" shows the group 
> "restrictaccess " and "id user1" doesn't show. And i guess thats the 
> reason why user2 is able to login and user1 not?

No, once a user logs in (or attempts to) winbind should be able to fill
in the missing info.

What 'lib*.*' packages did you install with Samba ?

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba