Login permissions
Tavis Barr
tavis at mahler.econ.columbia.edu
Mon Feb 7 18:20:39 GMT 2000
On Mon, 7 Feb 2000, Ondrej Hanak wrote:
> Hi samba men,
("Real men use Samba"?) :)
> only one question is on my mind. Does possibility exist to restrict some
> users from login into some workstations in NT dom? I'm looking for system
> solution, not like restrict user's reading permissions on system root.
> Thanks for any comment.
A securely set up workstation will have a local group that you want to have
Samba domain members (e.g., users or power users, depending on how much
you trust your users). Normally at installation time, we use the
workstation user manager to map that group to SAMBA_DOMAIN\"Domain
Users" and use the domaingroup.map file to map "Domain Users" to a Unix
group.
Instead, you could map the local group to "Workstation_X_users" and then
use the domaingroup.map file map "Workstation_X_Users" to a different
Unix group.
This requires TNG. Do not user 2.0.x.
Good luck,
Tavis
More information about the samba-ntdom
mailing list