In CentOS/RHEL 7, the /etc/pam.conf is depreciated and /etc/pam.d/remote will be used for controlling the telnet services. Follow the steps shown below to enable the telnet access to a group of users only.
Enabling telnet for group of users
1. Create a new group for users that are allowed to run telnet
# groupadd telnetusers
2. Add users to the group
# usermod -G telnetusers user01
3. Create the file /etc/security/telnet-group-users, and add the telnetusers group to the file.
# cat /etc/security/telnet-group-users telnetusers
4. Make sure /etc/security/telnet-group-users only writable for root user.
# ls -l /etc/security/telnet-group-users -rw-r--r-- 1 root root 7 Sept 4 10:32 /etc/security/telnet-group-users
5. Add following rules to /etc/pam.d/remote
auth required pam_listfile.so item=group sense=allow file=/etc/security/telnet-group-users
6. Verify the telnet connectivity to the server with any one of the user in the group “telnetusers”.