RSS feed

Re: Filtering users by group

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Filtering users by group

On Fri, 2010-05-21 at 10:39 -0300, ROGERIO DE CARVALHO BASTOS wrote:
> Is there a way to restrict authentication by group membership ?
> Like this in libpam-ldap:
> # Group to enforce membership of
> pam_groupdn cn=remo_meso,ou=Groups,dc=fisnuc,dc=intranet,dc=ufba,dc=br

nss-pam-ldapd does not have a pam_groupdb option, but something similar
can be done with pam_authz_search:

pam_authz_search (&(objectClass=posixGroup)(cn=remo_meso)(memberUid=$username))

Note that the pam_authz_search option is a bit new (available since
0.7.4) so it has not yet seen a lot of testing.

-- arthur - - --
To unsubscribe send an email to or see