The Configuration of the /etc/ssh/sshd_config looks like this, the members in ad-group1 and ad-group2 do have access to the system with SSH, the members of ad-group1 who are not in ad-group2 don't have access to the system.
Status Quo
Match Group ad-group1,ad-group2
AllowUsers *
Match Group ad-group1,!ad-group2
DenyUsers *
The Problem is there are two Users, which should have access via SSH too, but there aren't members of ad-group2,how do I have to edit the sshd_config, that User ad-user1 and ad-user2 have acess even if there aren't in ad-group2
I thought of something like this:
Match Group ad-group1,ad-group2
AllowUsers ad-user1 ad-user2
Match Group ad-group1,!ad-group2
DenyUsers *
but this shows not the right effect