[Samba] Migrating an NT4 domain to a Samba PDC - How to limit users access to only certain machines?
Jason Somers
jason at redbarncomputers.com
Fri Dec 18 08:06:31 MST 2009
Solved!
In case any of you are interested, John Terpstra gave me a call and
explained how to set this up, and I figured I would pass along the
information.
First, having set up the PDC, I logged into one of the Windows XP
workstations as a Domain Admin and downloaded the Windows NT Server
Tools package:
http://support.microsoft.com/kb/173673
I extracted the archive and ran USRMGR.EXE
From this old school interface, I was able to see my domain users and
using the "Log Onto" button, was able to set which machines each user
has the permission to log on to. I tested it out afterwords, and it
worked great. After uing an LDAP manager, I was able to see that the
object class added to the user profile was sambaUserWorkstations, so
Michael was indeed correct!
There was also an option in that app to set logon times and password
expiry options, but I have not yet gotten a chance to try them out.
A big thanks to everyone for your help!!!!
-Jason
=================================================
Jason Somers
Network Administrator
Red Barn Technology Group, Inc.
1235 Front Street - Suite 3
Binghamton, NY 13905
(607) 772-1888 x222
Michael Heydon wrote:
>
>> we need to limit certain users to have permission only to log in to
>> their specific workstation.
> I'm not familiar with ClearOS, but if it uses an LDAP backend (and
> maybe even if it doesn't) the sambaUserWorkstations property should do
> what you want.
>
> *Michael Heydon - IT Administrator *
> michaelh at jaswin.com.au <mailto:michaelh at jaswin.com.au>
>
More information about the samba
mailing list