[Samba] samba + user/host authentification
Andrew Bartlett
abartlet at samba.org
Sun Nov 9 00:34:43 GMT 2003
On Sat, 2003-11-08 at 04:00, Hezekiel wrote:
> hi, i'm using suse 7.3 with samba 2.2.8 as PDC and openldap for
> authentification in network with wfw-, winnt-, w2k-clients. everything works
> fine.
> because not every client has the same configuration (same progs, same
> path's, hardware...), i got problems, if a user dosn't login from his
> ordinary workstation, his roaming-profile doesn't work fine.
> now, how can i force users only login from special machines (only to
> machines which have the same installation).
>
> example: userA only login to ms-workstion1
> userB login to ms-ws1,ms-ws2
> userC login to ms-ws3,ms--ws4
> userD only login to ms-ws4
>
> i tried to configure a user restriction about PAM with 'pam_access.so' in
> /etc/pam.d/samba and its config file 'access.conf', but it didn't work.
> but restrictions for login,ssh, ftp etc. via PAM and 'pam_access.so' works.
> maybe i have to set some values for the users in LDAP, but i don't know
> what. the answer is probable quit easy, but i've got no more ideas.
With Samba 3.0, the sambaUserWorkstations attribute contains a list of
workstation names, for exactly this purpose. Users can only log into
the workstations listed.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20031109/88029c1d/attachment.bin
More information about the samba
mailing list