On Thu, Mar 27, 2003 at 12:31:08PM +0700, Kevin wrote: > I am running several samba servers (2.2.3a and 2.2.7) in various places as > pdcs. Everything seems to be running smoothly, but I can't find any way of > restricting access to only those uses who have logged on to the domain. Is > this possible? ie at the moment, any user can map a drive to \\server\share, > put in a valid user/password pair and have access to that share without > going through any logon script or pol files. This is what I would like to > avoid. I believe that if I can do this, it would also stop any unauthorised > machines from accessing the shares, as these machines would not be joined to > the domain. > > Is this sort of authorisation possible?
While 'hacks' might be possible, shares are authenticated seperatly to the domain logon, and there is no linkage apart from the fact that the domain logon sets up the default username/pw pair. Fundementally, any restriction imposed by logon script/.pol files can be avoided - you must never trust the client to actually follow their directions... Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
