Dear all I have a samba 3.0.21 with openldap as a primary domain controller, and all my windows clients are joined to my domain. i have file servers (Domain Member servers - linux systems) which are given access for file sharing to my clients. so all the windows clients in my domain access the file server according to their user permissions. i also have some windows clients which are not joined to my domain, but are in the same network as my PDC. they are also able to access the file server, but it prompts for username and password, and user gives the username and password and access it. is there any way that the windows clients which are joined in my domain only should be able to access the file servers and the sysetms which are not joined should not be able to access file services. i don't want to implement ip level security on shares, as user can change the ip and access it. i would like to know if file servers which are in joined to my PDC can be given access to only windows clients which are joined to my domain, any other windows client which is not in OU=Computers ie which is not yet joined to my PDC should be denied. Is it possible ? please guide me Regards Niranjan
On Wed, 2006-02-08 at 19:47 +0530, ashok cvs wrote:> Dear all >> i would like to know if file servers which are in joined to my PDC can be > given access to > only windows clients which are joined to my domain, any other windows > client > which is not in OU=Computers ie which is not yet joined to my PDC should be > denied. > > Is it possible ? > please guide meIn short, no. There isn't a good way to tell from an incoming connection if the client machine is in a domain, and at best, it would be the same 'level of difficultly' as IP address based access controls. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20060209/6b9d77ce/attachment.bin