So I’ve set up an Ubuntu server running the 8.04 release. I set it up to authenticate with our Active Directory using the likewise-open package using these instructions. Part of that setup was giving Domain Admin users who log in to the machine sudo access.
Now I’d like to deny login rights for all domain logins except for those users that are in the ‘Domain Admins’ group. Local users should still be able to log in. Anyone have any idea how to accomplish this?
I get to answer my own question! Jim’s train of thought seemed promising, but I experimented with it and it doesn’t look like the likewise-open LDAP authentication uses anything from the /etc/passwd file.
The correct way I got this to work was by editing /etc/security/pam_lwidentity.conf and un-commenting and editing the following section: