Hi all, I'd be interested to know if anyone has implemented a group based permissions system in LPRng, using kerberos.
I'll explain what I mean by this. We are developing a new computing infrastructure, with authorisation based around kerberos but also including an LDAP addition to this, allowing for authorisation by groups and so on, e.g. this group of people is allowed to use a certain service, and so on. There will be a netgroup style interface provided with this, which leads to... I would like to use this system in the LPRng permissions file so that I can say that, e.g. GROUP @special_users can print to particular printers. However, the GROUP value in LPRng is evaulated in the context of USER (which comes from the job control file) and I obviously need it evaluated in the context of AUTHUSER - the kerberos principals. Has anyone attempted this kind of approach, or has any ideas on how to implement it? Many thanks for any comments. Toby Blake University of Edinburgh ----------------------------------------------------------------------------- YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST <mailaddr> | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST <mailaddr> | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -----------------------------------------------------------------------------
