NT Domain Aurhentification for routrer control

Buchan Milne bgmilne at cae.co.za
Fri Dec 8 10:04:48 GMT 2000


You might want to look at using a squid proxy server, with the smb_auth
module, which is supposed to be able to authenticate users off the NT
PDC. Squid has extended ACLs, and you can always just use a cron job to
change config files and HUP the squid if you want different ACLs at
different times.

Buchan


Sewa Makhinya wrote:
> 
> Hi.
> 
> There's a small Windows NT 4 domain network with one PDC and none BDC.
> Network is connected to Internet via router based on Slackware 7 Linux
> 2.2.13.
> 
> The task is to implement user-level authentification for Internet
> access. It means that, for example, user A, logged into domain in from
> any machine into network, must have full internet access, user B must
> have unlimited access only at worktime, and user C must have no
> internet acces, does no matter from what machine he logged in to
> domain.
> 
> I think that one of possible ways to implement it is system of two
> scripts. First of them, logon script, will be executed at user's logon
> to domain, recieve user's name and IP of machine, look at database and
> open internet access if user can use it at this time. The second of
> them, logoff script, will be executed at logoff time and close access
> from machine. But the question in this case is - how to execute script
> at user's logon to domain?
> 
> Or maybe there are some other variants to do it?
> 
> --
> CY / Best Regards, Sewa Makhinya, System Administrator of Aricol-Ukraine
> www.mobile.odessa.ua|loki at paco.net|ICQ14035202|+380487770708/+380674838648
> /* How many times have I felt diseased? */





More information about the samba-ntdom mailing list