[Freeipa-users] FreeIPA, Netgroup and access.conf
Jakub Hrozek
jhrozek at redhat.com
Tue Jun 2 10:10:19 UTC 2015
On Tue, Jun 02, 2015 at 11:11:56AM +0200, Yves Degauquier wrote:
> Hi,
>
> I have a FreeIPA server in place with netgroup in order to limit access to
> some users only to some hosts (by environment).
>
> It works fine on AIX clients.
>
> But now I try to do the same with Linux.
>
> I register the client in the server, without any problem, all users from
> FreeIPA can login in the Linux boxes.
>
> I activate now pam_access and configure the /etc/security/access.conf to
> allow local root user and users from netgroup.
>
> But my users in the netgroup can't login... If in place of the netgroup I
> put the name of the users, the users defined can login...
>
> But this is not anymore a centally managed user...
>
> Any idea of what the problem could be?
>
> Thanks in advance for your help.
Does getent netgr report the host as a member of the netgroup?
More information about the Freeipa-users
mailing list