domain logon restriction
Andrew Bartlett
abartlet at pcug.org.au
Mon May 14 08:02:29 GMT 2001
Dmitry Melekhov wrote:
>
> Turan Demirci wrote:
>
> > Hi I want to build a student pclab using samba and nt.
> > currently we are using netware 4.0. We can restrict students to
> > login from one pc at a time, by netware. I want to do the same by
> > samba. I search net but could not find any way to do it.
> > Is there a way to restrict domain logon number to a user?
> > If yes can you show me the way?
> > Thanks......
>
> Never thought about this before...
> But I think only way is to disable/enable account in smbpasswd by cron.
>
Use a pam session module, and the new pam session support in Samba 2.2.1
(obey pam restrictions = yes must be set). There is a maximum logon
module already, so either hack that, or write somthing similar. The
ttyname can be used as a key in the db, as we supply that when we
start/end the sessions.
Note that this is not used for domain logons, but for the file-share
connections, so presumes that your users get somthing critical like
their home directrory from the server.
Andrew Bartlett
abartlet at pcug.org.au
--
Andrew Bartlett
abartlet at pcug.org.au
More information about the samba-technical
mailing list