Samba and Openldap with the attribute "userWorkstation"
icoupeau at unav.es
Thu Aug 22 23:29:15 GMT 2002
georges.goebel at ist.lu wrote:
> We have installed Samba (2.2.5) as PDC and Openldap (2.0.25) for password
> authentification. But we want that several users can only login on their own
> machine in the domain and NOT on any other computer in the domain. Therefore we
> tried to use the attribute 'userworkstation', which is defined in the
> samba.schema, where you can specify a list of machine accounts where the user
> can login. But we found several sources who said that it is not
> yet 'implemented' or 'supported'.
We have a very similar scenario here (2.2.5 and OpenLdap 2.0.25) and
every user can log in any WS in the domain with the roaming profiles,
without care about attribute 'userworkstation'.
If an user can log only in their machine may be due to several problems,
also with the roaming profiles.
What kind of WS do you have OS/SP?
A debuglevel to 2 may tell you a lot of things...
also this may help: http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html
Ignacio Coupeau, Ph.D. e-mail: icoupeau at unav.es
CTI, Director fax: 948 425619
University of Navarra voice: 948 425600
Pamplona, SPAIN http://www.unav.es/cti/
More information about the samba-technical