On Fri, 2009-11-20 at 22:28 +0100, Lars Müller wrote:
On Wed, Nov 18, 2009 at 05:09:21PM +0100, Roger Oberholtzer wrote:
I have an openSUSE 11.x machine that has joined the local Windows Active Directory. It is working great. Windows folk can log in and a $HOME is made on the fly if it does not exist.
But you knew there would be more...
- automaticall mounted home from the file server or something like roaming profiles/ homes. - unique uids on all Linux workstations.
We have thousands of users in the Active Directory. I really do not want all of them to have access. In the LDAP entry, there is a OU= field for those I want to be able to log in. Is it possible to limit login to those in some specified OU= ?
See the ldap setting examples from the samba-doc package in /usr/share/doc/packages/samba/examples/smb.conf.SUSE
Plus the explanations in the smb.conf man page.
I have now looked here. I am none the wiser. I have also looked around the 'net and am still in the dark. The closest I came was to use the Limit Users samba directive, and then list all the users I want to allow. This seems not to be in the spirit of what I want to accomplish. In addition, one is then probably required to change the '\' separator in the user name to be a '+', and inform all the Windows users about this oddity. Is this really the only way? Given all that samba and ldap are doing, it seems like an odd omission. I suspect it is rather a lack of docs rather than a lack of functionality. But who can really tell. -- Roger Oberholtzer OPQ Systems / Ramböll RST Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden Office: Int +46 10-615 60 20 Mobile: Int +46 70-815 1696 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org