[Samba] Authorizing login per station
Andrew Bartlett
abartlet at pcug.org.au
Sat May 11 01:26:02 GMT 2002
Mario Juric wrote:
>
> Hi,
> We're using Samba 2.2.2 as a PDC for W2k and XP clients. We have
> two types of users - "regular" users and "management". The problem I have
> is to allow only the "management" users to login from certain stations,
> and deny the login rights to regular users. That is, I need the ability do
> set per-station login permissions.
>
> Is there a way to do this using samba 2.2.x branch, or is it
> planned for 3.x? If there's a way to do this with 2.2.x, I'd appreciate
> any pointer to docs or other info on doing it.
Implemented in Samba 3.0 - use either the ldap or tdb backends, and set
via user mangager or a manual ldap modification. The attribute (a comma
seperated list) is userWorkstations in LDAP.
Otherwise, look at what PAM modules you can find, and limit based on
RHOST value (a paramater we pass to PAM, which is either the IP or
reverse DNS).
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list