windows nt domains and ip masquerading...
Luke Kenneth Casson Leighton
lkcl at samba.org
Fri Aug 11 07:26:12 GMT 2000
alternative, wrap samedit in scripts or dig down into its code just like
tim did, for writing winbind.
so use either winbind or samedit as a basis for writing a c-app.
On Tue, 25 Jul 2000, Peter Samuelson wrote:
>
> [Shawn Campbell <clasmc at yahoo.com>]
> > Specifically, when a computer sends a request to the masq box, it
> > would ask the pdc what group the user on that particular computer
> > belongs to, if the group is faculty or staff, the masq rules adjust
> > to let those requests go through uncensored. If the user on that
> > machine is a student, their requests are filtered. How feasible is
> > something like that?
>
> That is a *perfect* application of the `ident' protocol. Too bad
> Windows doesn't support it. You might look for a third-party ident
> server for Windows, though that still implies client software which you
> said you didn't want.
>
> What distinguishes ident is that it doesn't assume that a given
> computer can only have *one* person logged on. That's a very poor
> assumption in most operating systems, and even Windows NT has started
> to catch up recently with Winframe/Metaframe/TSE.
>
> > Could a perl script be constructed to create such a solution?
>
> Yeah. I believe `winbind' (look in recent Samba CVS and be prepared to
> fiddle around some) has some of this functionality in place. Write
> glue code to call back to that -- see winbind_nss etc for examples.
>
> Peter
>
<a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
<a href=" http://cb1.com/~lkcl" > Samba and Network Development </a>
<a href=" http://samba.org" > Samba Web site </a>
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
More information about the samba-technical
mailing list