Wow, fast reply Muzzol! >> 2. If there are some users who only need access to a small number of >> servers, how would you handle that situation? > modify /etc/security/limits.conf to your needs What about /etc/security/access? Do you think this is the best way to accomplish this? Assume that I have several hundred servers, but need to grant temporary access to a developer on a few machines to look at some log files. It seems like overkill to change a file on all servers just to allow him access to one (or a few) servers. > i always create users in a default generic group, but that has nothing > to do with your error. >> id: cannot find name for group ID 5001 > you probably have nsswitch.conf missconfigured. I assigned the gid on the LDAP server but it does not exist on the client machine. I have a script to be able to create private groups on all servers, was just curious how other people dealt with this situation. I may create a generic "operators" group for new users who need access to these systems, as you mentioned. -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
