Friday, 25 February 2022

How to Allow/Deny Access for AD Users/Groups using Realmd on CentOS 8



Once the Linux machine joined with any Active Directory Domain, all the AD users can get SSH login on the machine with regular user privileges to avoid this access can manage using realm command.

This article describes How to Allow/Deny Access for AD Users/Groups using Realm  on CentOS 8.

[root@linuxcnf ~]# cat /etc/redhat-release
CentOS Linux release 8.5.2111
[root@linuxcnf ~]#

1. Allow SSH Access for one User: Run the following command to allow SSH access for a user:

[root@linuxcnf ~]# realm permit user@linuxcnf.com

2. Allow SSH Access for more than a User: Run the below command to allow one or more than a User:

[root@linuxcnf ~]# realm permit user@linuxcnf.com user1.linuxcnf.com user2@linuxcnf.com

3. Allow SSH Access for a Group: Run the following command to allow SSH access for a group:

[root@linuxcnf ~]# realm permit –g group1

3. Allow SSH Access for more than a Group: Run the below command to allow SSH access for more than a Group:

[root@linuxcnf ~]# realm permit –g group1 group2 group3

Done! Now the permitted users and groups only can get SSH access on the machine.

1 comment:

  1. would you have to realm deny --all first?

    ReplyDelete