Hi Chris, Thanks, you mind, replace ldap auth with winbind auth ? my scene: on one side 1 smb server pdc with ldap, on the another side, 1 Xorg-Server with auth over ldap , the same from the first one (smb). i need to permit only users "membership_of" "Domain Users" to login on the Xorg-Server Thanks Am 05.02.2010 12:45, schrieb Christoph Maser: > Am Freitag, den 05.02.2010, 11:38 +0100 schrieb Nobody ist perfect: >> Hi, >> >> we use an openldap server / samba as domain controller for our >> windows/linux workstations. on a specific server, login should only >> be allowed, if the certain user is member of a group (let's call this >> group "login"). All the users in the domain are members of the group >> "Domain Users". Therefore their primary gid is not the login-group's gid. >> How can I make the login depending on that login-group-membership? >> >> Thanks! >> >> Toby >> > > > If you use winbind you can use require_membership_of= > in/etc/security/pam_winbind.conf. > > Chris > > > financial.com AG > > Munich head office/Hauptsitz München: Maria-Probst-Str. 19 | 80939 München | Germany > Frankfurt branch office/Niederlassung Frankfurt: Messeturm | Friedrich-Ebert-Anlage 49 | 60327 Frankfurt | Germany > Management board/Vorstand: Dr. Steffen Boehnert | Dr. Alexis Eisenhofer | Dr. Yann Samson | Matthias Wiederwach > Supervisory board/Aufsichtsrat: Dr. Dr. Ernst zur Linden (chairman/Vorsitzender) > Register court/Handelsregister: Munich – HRB 128 972 | Sales tax ID number/St.Nr.: DE205 370 553 > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos