Re: check winbind AD group memberships

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Although I haven't had to configure winbind against AD, I'm pretty
sure you need to configure NSS to use winbind and afterwards you can
use pam_group. That is, you should be able to add a "winbind" entry to
your "group" entry on your /etc/nsswitch.conf as long as you have the
associated installed on your system.

Ensure that you are properly seeing the groups (getent group) before
returning to configuring PAM.

-- Jon Miller

On Mon, Jan 9, 2012 at 3:48 AM, robert pearce <robert.pearce@xxxxxxxxx> wrote:
> When using linux winbind authentication against active directory, is there a
> way to check membership of an AD group using pam ?
> As far as i know pam_group only checks against local groups.
> Any help would be appreciated.
> Thanks,
> - R
> This email is from JD Sports Fashion plc or one of its subsidiaries. The
> contents of this email and any attachments are confidential and are intended
> solely for the use of the intended recipient. The information in this email
> may not be used, copied or disclosed by any person other than the intended
> recipient. If you are not the intended recipient, please contact JD Sports
> Fashion plc at admin@xxxxxxxxx, quoting the name of the sender and delete
> the message from your system.
> Please note that neither JD Sports Fashion plc or the sender accepts any
> responsibility for viruses and it is your responsibility to scan the email
> and any attachments. No contracts may be concluded on behalf of JD Sports
> Fashion plc by email.
> JD Sports Fashion plc - Registered in England No. 1888425. Registered
> Office: Hollinsbrook Way, Pilsworth, Bury, Lancashire, BL9 8RR.
> _______________________________________________
> Pam-list mailing list
> Pam-list@xxxxxxxxxx

Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux