We have done something similar, but did not need to use two
domains -- we implemented netgroups instead. You'll need to
define groups in /etc/netgroups, and in the /etc/passwd file
of each machine, you define which netgroup that you wish to have
Sample entries --
restrictedgroup (,user1,) (,user2,) (,user3,)
The 2nd last line in /etc/passwd indicates that everyone not in
allow user1, user2, user3 access.
It works for us.
(remove "**" to reply)
Frances J. Lawas-Grodek |
NASA Glenn Research Center | phone: (216) 433-5052
21000 Brookpark Rd, MS 142-2 | fax : (216) 433-8000