Hi, libpam-ldap had an option to restrict succesful authentications to members of a vertain ldap group. It's configured with pam_groupdn. I don't know of an equivalent option for pam_groupdn, however. Is it possible to limit ldap logins to a select group of people without locking out local users in case the ldap server goes down (given that the group is an ldap group and not a local one). -- Frank Van Damme No part of this copyright message may be reproduced, read or seen, dead or alive or by any means, including but not limited to telepathy without the benevolence of the author. _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list