I accomplish this with the pam_access module and an appropriate access.conf file on my Red Hat flavored machines.
http://linux.die.net/man/8/pam_access
http://linux.die.net/man/5/access.conf
----- Original Message -----
From: "Enrico Morelli" morelli@cerm.unifi.it To: "General discussion list for the 389 Directory server project." 389-users@lists.fedoraproject.org Sent: Wednesday, April 27, 2016 8:21:00 AM Subject: [389-users] Login restrictions
Is it possible to restrict login only to to whom bound to a determinated group?
I tried to use the following lines in sssd.conf but doesn't works:
access_provider = ldap ldap_access_order = filter ldap_access_filter = (gidNumber=900)
--
Enrico Morelli System Administrator | Programmer | Web Developer
CERM - Polo Scientifico Via Sacconi, 6 - 50019 Sesto Fiorentino (FI) - ITALY phone: +39 055 457 4269 fax: +39 055 457 4927
-- 389-users mailing list 389-users@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org