* Lars Ellenberg wrote on Tue, Jan 28, 2003 at 04:17 +0100:
On Mon, Jan 27, 2003 at 08:36:12PM -0500, GarUlbricht7@netscape.net wrote: you could use acl ident <something>
either implement and start an identd like service on each of your win boxes :)
If you have an ident style service available, you don't need to wrap it to look really like ident, you can use an authenticate_program that does the job in some way. I think the key point is to make sure that the computer is used by an authenticated person. This is difficult to understand for unix maillinglists. You must remember, that windows is traditionally used by a single person. Usually the situation is, that one and the same person is using one and the same PC and IP address. On windows, people get the impression that they log into a computer. Windows caches the passwords automatically, when you open a new windows share, this works without password. In multi-user environment someone would tell this horrible, yes, it is, in companies sometimes it's problematic, but on a typical windows station it's quite normal. When we are talking about hacks :) What's about using a samba server and make the users automatically to lock some file (when logging in, with a profile). The filelock is done via some share, and windows would login here automatically when accessed (I think :)). A mapped network drive is sufficient also (after checking a win2k entry :)) So you have the user information on a linux system. Here you can use smbstatus to get the usernames that are authenticated somewhere. Well, if you trust this information, you use it for authenticate_program. For performance, you have to cache of course, squid can be configured to do so. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.