On Wed, 27 Apr 2016 17:44:22 -0000 "Lukas Slebodnik" <lslebodn@xxxxxxxxxxxxxxxxx> wrote: > > Is it possible to restrict login only to to whom bound to a > > determinated group? > > > > I tried to use the following lines in sssd.conf but doesn't works: > > > > access_provider = ldap > > ldap_access_order = filter > > ldap_access_filter = (gidNumber=900) > I think it might be simpler to use access_provider simple > @see man sssd-simple > > [domain/example.com] > access_provider = simple > simple_allow_users = user1, user2 Could be, but I think to loose the LDAP benefit. I've a lot of machines and to avoid to create/remove users on each machine I installed 389ds. So if I've to add/remove user to the simple_allow_users on each machine I can continue to use adduser. Or not? -- ------------------------------------------------------------- Enrico Morelli System Administrator | Programmer | Web Developer CERM - Polo Scientifico Via Sacconi, 6 - 50019 Sesto Fiorentino (FI) - ITALY phone: +39 055 457 4269 fax: +39 055 457 4927 ------------------------------------------------------------- -- 389-users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
