We are running OES SP1 latest patches on LINUX..

We have a 2 node Cluster running NSS Volumes.

We want to enable NFS Exports to our Linux Workstations for Student Home
Directories (We basically mount the users (Linux Home Directory to the
NSS Home Directory, thus giving a kind of roaming desktop...)

So here is the problems we have found.

Our users log in using PAM Ldap. etc etc. this works well our desktops
are debian (lenny I think so they are a little older)

Anyhow I have noticed that the Server can only find accounts in
eDirectory if they are LUM enabled. If the account is not lum enabled,
then they can not access the NSS Home drive.

If I LUM enable the account access to the NSS volume works and all is good..

If the account does NOT log in via LDAP (however has the correct possix
settings) then he/she gains access to the NSS volumes.. I don't
understand this, but it seems to work.

My question is...

I want ADMINS to use LUM to access the OES servers via SSH
I want standard users with LUM to access the NSS and NOT be able to SSH
into a OES server.

Is there a way in LUM to only allow certain groups to be able to SSH
into OES Servers ???

Thanks for any help...

I am pretty sure my LUM is working correctly.. However in iManager, I
can not see the Linux Enabled Services within the workstation object.