[Samba] Samba + Active Directory -> Deny Hosts
tflsmb at radiantpoint.com
tflsmb at radiantpoint.com
Tue Feb 24 21:14:48 GMT 2009
Hi All
I just got my RHEL5 hosts authenticating successfully from a Win2K3-R2
Active Directory server using the Samba / Winbind combination. While the
host login capability works perfectly, we need the capability to deny
specific users and groups access to specific computers.
The generic Active Directory option of User->Properties->Account->Log On
To works perfectly (i.e. I can specify my host, and it denies or allows
accordingly) however I would have to specify all of the machines that I
wish to allow access for an individual (which is not really feasible).
The Group Policy Object - Deny Log on Locally - I believe is not supported
for Linux (is this correct?)
Is there a way to get this functionality to easily work for groups (i.e.
GroupX is allowed to login to Host1, while GroupY is not?) on the Linux
end? Has anyone been successful?
Thanks again
--Tim F.
More information about the samba
mailing list