RHEL 7 - Limiting AD logons using Groups
Realmd documetation states you can limit users by using the realm permit command. I need to limit access by AD groups. I am working on it now, but was wondering if anyone had already solved the problem.
In RHEL 6 I use the /etc/security/access.conf file to limit logons.
I intend to try that mechanism, but what would be nice would be that I could limit access to AD groups by using realmd.
Responses
Edward,
Without knowing your configuration I assume you are using realmd to configure SSSD for the authentication/identity.
If this is the case, look for the simple access provider eg. 'simple_allow_groups' option in SSSD (/etc/sssd/sssd.conf), it is a basic way to restrict access to servers based on AD groups.
-edit-
There is a solution here that describes the process:
https://access.redhat.com/solutions/715173
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
