On Sat, 2004-01-17 at 07:00, [EMAIL PROTECTED] wrote: > I need to allow [read] access to a Samba server using both IP filtering & > UserIDs . > > For a given list of IP subnets, any user should have access. > Outside these 'trusted' subnets, I need to do User authentication. > > I can handle the User authentication OK in several ways. > However, I don't see any way to do the 'short circuit' allow for some IPs, > then use User authentication after that. > If I do a 'deny', in the InetD or in Samba, then the 'untrusted' subnets > are denied, & not allowed to try logging-in . > > Any ideas? > > I originally thought that PAM would give me this functionality, but now I > don't see it. > Is PAM at all popular for Samba 'authentication' ?
You could set 'obey pam restrictions', and then write an 'account' module the enforced these restrictions. That assumes you want to always require passwords, but only allow some particular accounts from the untrusted IPs. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
