>That's has nothing to do (DHCP)
Sorry! My mistake! I thought ident only returned a complete
"username@hostname" type id, and that Squid compared on
hostname/IP-address, rather than username...
>I think any computer in your compary logon to network (for e.g. Mapping
>net drives) in logon script you insert start (form the net) identd daemon
>(for Windows).
That's correct. The logon script uses Kixtart, so we can do all sorts of
stuff from the logon script.
So you keep a list of all allowed users somewhere? We would like to avoid
having to update users two different places. Meaning, we only want to keep
users in the NT database. And the best way to do that, for us at least, is
to use an NT group and put the allowed users in there.
I guess we could also check that a user is member of the allowed users
group before starting the ident daemon from the logon script, but users
could easily get around that by starting their own ident daemon manually.
Most of our users aren't really up to the task of cheating the system like
that, but some are, and these are the ones that we want to stop :-)
The second problem has to do mostly with company policy as "we only want
stable/solid applications running on the PCs, which is why we usually only
go for Microsoft products". :-) Anyway, if Microsoft made such a thing as
an ident daemon and it costs lots of money, I'm sure I could get it
approved with no problems at all. (The fact that it probably would be ten
times more unstable than the freeware identd from Made in the Basement
Productions, is irrelevant)
Which identd is considered to be the most stable, and least
resource-hogging one (Windows98)?
Espen Lyngaas, IT Consultant, Color Group ASA
Espen.Lyngaas@colorline.no Espen.Lyngaas@c2i.net
http://www.team17.com/~elyngaas/
Phone: +47-95063143 +47-22944315 ICQ: 43241796
Received on Wed Oct 27 1999 - 06:05:16 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:49:06 MST