PowerBroker Identity Services (PBIS): Restrict Login by Security Groups

PowerBroker changed how this is done from previous versions (when it was called LikeWise), now you configure this via the PBIS config command:

sudo /opt/pbis/bin/config RequireMembershipOf DOMAIN\\domain^admins DOMAIN\\server^admins

Some things to note:

  • If you require multiple groups simply put a space between each group
  • This command overwrites the previously set value each time it is run, so take care that you re-enter any groups previously set that you want to retain when adding another group
  • Remember to escape the slash between the domain & group name with a slash (double slash)
  • Replace spaces with ^ (as shown above)
  • Obviously replace DOMAIN with your domain
  • If it still doesn’t work, try dropping case on the group names

 

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.