> For example, we might have a group called "db-ssh" that defines a user > group allowed to access database servers. Then we just make sure DB > hosts get "AllowGroups db-ssh" added to their SSH configs. Plopping a > user into the db-ssh group in LDAP then gives that person access to all > the boxes that group is allowed to access with one LDAP entry. Ok, so I have a group called "operations" and have placed some users in it. "getent group" shows the group: operations:*:10000:scarolan,user2,user3,user4 I tried putting "AllowGroups operations" into my sshd_config but I just get "invalid user" errors from sshd. Am I missing something here? -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
