[Samba] Login with special groups

Doerr, Kevin R krdoerr at purdue.edu
Fri Jan 25 17:57:41 GMT 2008


Niki Hammler wrote:
> But there are a few workstations where only users should be allowed to

> login who are members in some certain groups.

The "Log on locally" security policy in Windows might do what you're
looking for:

http://technet2.microsoft.com/windowsserver/en/library/15744f9c-e188-4fa
c-ac60-9380a58b30ae1033.mspx?mfr=true

Kevin

-----Original Message-----
From: samba-bounces+krdoerr=purdue.edu at lists.samba.org
[mailto:samba-bounces+krdoerr=purdue.edu at lists.samba.org] On Behalf Of
Niki Hammler
Sent: Thursday, January 24, 2008 5:34 PM
To: Ryan Novosielski
Cc: samba at lists.samba.org
Subject: Re: [Samba] Login with special groups

Ryan Novosielski schrieb:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Niki Hammler wrote:
>> Ryan Novosielski schrieb:
>>> [...]
>>> Can't this be done via Windows account policy these days, like logon
>>> hours, or is that not the case?
>>
>> No, I haven't seen such settings in the policies (in SAM database).
> 
> Alright, then what is the "Workstations" spot there for? I could have
> sworn that was for allowed workstations. If not, does anyone know what
> that IS for?

Ouh, I've read over this ;-)

Anyway, as you've found out below, this is the wrong direction ;-)

> Now, even if I am correct about that, it is quite possible that there
is
> no easy way to set that for a group of users, which means that this
> doesn't necessarily answer the question...

Yes, the problem is that I've dozens of workstations where everyone 
(approx. 600 users!) in LDAP should be allowed to login.

But there are a few workstations where only users should be allowed to 
login who are members in some certain groups.

Best regards,
Niki
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


More information about the samba mailing list