PAM access.conf

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,

I have the following lines in my file /etc/security/access.conf for the purpose of my testing.

- : bryan.harris.adm : ALL
- : ALL : ALL

When I place the following into /etc/pam.d/sshd I can prevent my login.  The error is "pam_access(sshd:account): access denied for user `bryan.harris.adm' from" which looks like exactly what I want to see.

account required pam_access.so

When I place the following into /etc/pam.d/sshd I can once again login just fine and access.conf seems to be ignored.

account required pam_access.so listsep=,

The motivation is that I want to only allow the AD group "Linux Admins" (without quotes) to be able to login.  So eventually I want to get a line like - : @Linux Admins : ALL into my /etc/security/access.conf file.

Can anyone explain how I can make this work properly?  I doubt I can convince the Windows guys to not use spaces in their group names but I could try.
Bryan
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux