On Friday 05 July 2002 16.15, Simon Bryan wrote:
> Hi all,
> We need to move our network to use DHCP and at the moment I have
> certain activities restricted to sepcific machines (eg webmail only
> on staff machines) I currently do this via the IP of the machines,
> is there a way to do this via the workstation name (or a better
> way?). The workstations are all W2K, WindowsNT or WindowsXP.
There is plenty of ways to do things..
a) You could use proxy authentication. Squid happily integrates with
NT Domains for authentication.
b) If you run a Microsoft DNS server connected to your WINS server
then Squid can query this one to find the workstation name
c) You could use the external_acl feature of Squid-2.5 to write a
small helper to verify the workstation name (a Windows workstation
name can easily be queried using Samba nmblookup -A <ipaddress>)
And there probably is about 5 other ways to go about this..
Using authentication is by far the most secure, reliable and trackable
mechanism. Also makes the users aware that they are not anonymous on
your network which by itself has a good effect on behavior regarding
filtering etc..
Regards
Henrik
Received on Fri Jul 05 2002 - 10:02:43 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:04 MST