We have a Linux 12.1 enterprise server that has been added to our domain. We can log in using AD credentials to the Linux box, but we want to restrict who can login now to two security groups. One will have root like access and the other will be a regular user with no administrator controls. How do we accomplish this?