If trying to access via ssh you can add to sshd_config file

# you gonna want root group....
AllowGroups root blabla bla2 bla3 

Using sssd to map the groups in linux

my .02

On Wed, Feb 19, 2020 at 1:01 PM Michael Ströder <michael@stroeder.com> wrote:
On 2/19/20 9:55 AM, Клеусов Владимир Сергеевич wrote:
> I connected ldap linux clients to the OpenLDAP server.
> I need to make a certain group of users able to connect to certain
> computers. How do I do this ?
With most LDAP posix user management deployments you have to configure
the Linux clients to query only certain user groups or configure other
PAM access control or similar.

My Æ-DIR (based on OpenLDAP) provides views to the Linux clients based
on hosts' service group membership and the user groups referenced:

https://www.ae-dir.com/docs.html#er-roles

So no need to configure the clients (except bind-DN and host password).

If you have many clients consider using aehostd for better search
performance / less load (see https://ae-dir.com/aehostd.html).

Ciao, Michael.