Failing getting nss-pam-ldapd working together with pam_group

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Joakim Nordberg <joakim [at] nordberg.org>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Failing getting nss-pam-ldapd working together with pam_group
Date: Mon, 17 Oct 2016 20:03:27 +0200

Hi

I’m struggling to get mss-pam-ldapd working together with pam_group getting a 
local group when having a AD-group. Kerberos, user and groups are working 
fantastic on Linux using AD with nss-pam-ldapd otherwise.

Running:
Oracle Linux 6.7 & 6.8
nss-pam-ldapd 0.8.12
pam-1.1.1

In /etc/security/group.conf I add a line like
*;*;%adgroupname;Al0000-24000;dba

And in /etc/pam.d/sshd just under first line ”auth required pam_sepermit.so” I 
add
auth required pam_group.so

Restarting nslcd and disabled need… But I do not get the extra dba-group.

But if I type in the users primary group with % which is the same as username 
or just the username it works perfectly… Bu I would like the groups from AD to 
control that.

Any Ideas?

Vänlige(n),
Joakim Nordberg
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/nss-pam-ldapd-users/

Failing getting nss-pam-ldapd working together with pam_group, Joakim Nordberg

Prev by Date: Re: nss_initgroups_ignoreuser not working as expected. Are my expectations incorrect?
Next by Date: login capabilities mappings
Previous by thread: Re: nss_initgroups_ignoreuser not working as expected. Are my expectations incorrect?
Next by thread: login capabilities mappings