You'll probably need to add a pam_access.so reference to the stock /etc/pam.d/password-auth. Make the first "account" line
account required pam_access.so
My CentOS system doesn't have a stock password-auth file. I tried creating one with that line in it, but that didn't work. Also, per some web pages I found, I tried putting that line into system-auth, but that didn't work either.
Also, I assume that your system can access your netgroups properly, i.e., getent can see them:
getent netgroup $groupname
Yes, that is working.
Fortunately, the solution provided on-list by Stephen Harris did work, but I'm puzzled as to why this isn't.
--- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanhorn@wright.edu http://www.engineering.wright.edu/~mvanhorn/