[Samba] net sam setworkstations !logic

[Chris Smith]

Hello,

Is there any way to use NOT logic with "net sam set workstations"?

Instead of explicitly declaring which workstations are allowed, I would 
like to explicitly declare which ones are not on a per user basis.

The reason is that many users bring in their own systems 
(desktops/laptops) and in order to deny them logons to administrative 
systems I have to limit access via "net sam set workstations" which has 
the unfortunate side effect of preventing use of domain resources, such 
as printing even when they enter their proper domain credentials (their 
personal systems are not domain members) as these personal systems are 
not in the allowed list. Of course these systems can added but there's 
a delay, complexity that I would like to avoid, and besides most of 
them don't even know how to find the hostname of their system. 
With !logic all systems not explicitly denied would be implicitly 
allowed and would make this management task a lot easier.

Thank you.
-- 
Chris