How to restrict users by GID
by Licause, Al (CSC AMS BCS - UNIX/Linux Network Support)
The following entry into an ldap.conf file on a RHEL V5 system provides for the ability to limit users
based in their GID values:
nss_base_passwd OU=ldap,DC=mydomain,DC=net?one?|(gidNumber=11001) (gidNumber=11003)
Only those users with GID's of 11001 or 11003 can login. All others are prohibited.
I've tried the same filter in sssd.conf on a v6 RHEL system but can't seem to get it to work.
It doesn't cause any syntax errors but it is ignored.
I've also tried placing an "=" sign after the nss_base_passwd string and quoting everything after
the "=" sign....to no avail.
Can anyone explain the sssd syntax for accomplishing this task ?
Thanks in advance.