Thank you for thw detailed explanation, I do really appreciate that! I've learned something new today. On 7/26/07, Bryan O'Neal wrote: > Open AD Users and Computers, right click on the user, go to accounts, > click the Log Onto button and select the allowed computers. > > Alternately you can restrict who can read and write to the computer in > the computers properties security tab, however this is very heavy handed > and restricts all access not just counsel level logins. > > Alternately you can move the computer to another container, such as the > server container, and have a group policy that only certain people can > log into computers in that container (Google active directory managing > group policies, it gets tricky if you don't do it all the time) but > this is the preferred method > > The KDC should not issue a certificate to a computer that it can not > access. > > -----Original Message----- > From: plug-discuss-bounces@lists.plug.phoenix.az.us > [mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of Dan > Lund > Sent: Wednesday, July 25, 2007 9:05 PM > To: Main PLUG discussion list > Subject: Re: Rudimentary article on joining Linux to active directory > > You can do it under AD? > I didn't realize that... what's the proper way? > Forgive me, but it'd be nice to know this :) > > On 7/25/07, Bryan O'Neal wrote: > > You restrict it using either the appropriate pam config, or two (the > way > > I do it) using windows active directory. I know, I am evil, I didn't > > even try it under Linux, I went right to the authenticating server and > > restricted it their using a nice windows gui that has worked for me > for > > so many years now... Sigh, > > > > Any one know a better answer? > > > > > > > > -----Original Message----- > > From: plug-discuss-bounces@lists.plug.phoenix.az.us > > [mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of > Dan > > Lund > > Sent: Monday, July 23, 2007 9:07 AM > > To: Main PLUG discussion list > > Subject: Re: Rudimentary article on joining Linux to active directory > > > > Done this before, the one thing I want to know is how to make it so > only > > > > a certain group or user can log in via the AD login information. > > > > > > Bryan O'Neal wrote: > > > > > > This is clearly written from a windows users point of view, and is > > > mildly simplistic, but it is not a bad article > > > > > > > > > > > > > > > http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1264223,00.html?t > > rack=NL-118&ad=596213&asrc=EM_NLN_1822926&uid=6232170 > > > > > > > track=NL-118&ad=596213&asrc=EM_NLN_1822926&uid=6232170> > > > > > > > > > > > > > > > > > > **Bryan O'Neal*** > > > Cornerstone Homes & Development, Inc.* > > > 4220 E. McDowell Rd Ste. #108 > > > Mesa, AZ 85215 > > > (480) 505-1900 > > > > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > --------------------------------------------------- > > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > > To subscribe, unsubscribe, or to change your mail settings: > > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > --------------------------------------------------- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change your mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > --------------------------------------------------- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change your mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > > -- > "Courage is like love; it must have hope to nourish it." > -Napoleon Bonaparte > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- "Courage is like love; it must have hope to nourish it." -Napoleon Bonaparte --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss