So once you get LikeWise setup, one of the first things that comes up is howto restrict access to prevent just anyone from being able to login. You can leverage Active Directory groups via LikeWise to require a user to have membership of one of the group(s) you define.
LikeWise changed how this is done from previous versions, now you need to edit the LW registry like so:
sudo /opt/likewise/bin/lwregshell set_value '[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory\]' RequireMembershipOf "domain\\domain^admins" "domain\\unix^admins"
Yes you need the double slash--this escapes the slash properly. Also if it isn't obvious replace domain with your domain name. You can specify as many groups as you want, just encase in quotes and leave a space as shown above. Now you simply refresh the Local Security Service like so:
sudo /opt/likewise/bin/lwsm refresh lsass
And your done, easy-peasy with LikeWise
Some things to note:
- Remember to escape the slash between domain & user with a slash (double slash)
- Use ^ in place of spaces
- Obviously replace DOMAIN with your domain
- If you have problems try dropping case on the group names