Novell Logins refined question

[tpulley]

I have one sever that has a 5 user license. Users are authenticating to it when I don't want them to. When I check the avail license it shows unwanted login (taking the licenses away from the users I intended it for).

Any idea how to restrict this?

 

[Jontmke]

The way you restrict users is to not give them a login. You can also restrict which computers users can log in from. If this is in a tree then do not map the volumes to a drive letter and the user will not use a license. And you then block all rights to that server except for the people who need it.

Jon

There is much pleasure to be gained from useless knowledge. (Bertrand Russell)

 

[TheLad]

What you're probably suffering from is the fact that you now cannot switch off a server replying to a workstations login request. In the good old IPX days, you could SET REPLY TO GET NEAREST SERVER = OFF and that would ensure that a server with this set would not respond to authentication requests. Using IP, this does not work.

The only true method I have found to combat this is DHCP Option 85. You set the Option up in your DHCP scope and point it to the IP Address of your main server. This will ensure that when a client is booted, the server field on the login box (under Advanced) is populated with this IP Address. This forces the client to use this server for authentication.

This may be your best bet.

-----------------------------------------------------
"It's true, its damn true!"
-----------------------------------------------------

 

[tpulley]

The DHCP addresses are being issued by an NT server. There are two Novell servers in the mix providing file and print and etc for a group of users.

I think you are right about not being able to turn off or point to a specific logon server for the clients that is what I remember that use to work.

Wouldn't it be nice to allow logins only from specific mac addresses, Ip addresses etc. From a server console input the who, or what and when etc. Then talk about granular control....

 

[terry712]

you can only allow a connection from an address
it's in the properties of the user

 

[tpulley]

How so? Where is this at? If I understand you correctly, I can find the user in the nwadmin console select the user, then in the properties, define their authentication server? Hmmmm Hafta look for this.

 

[TheLad]

In the properties of the user object under the Environment tab, you do have the option of specifying a default server - I don't know if this makes it the authenication server however, I cannot see how it would as the PC would have to authenticate to a server to read that anyway.

As I said before, the only true way of forcing this is by typing the main server IP Address into the Server field of the Novell Client (under Advanced). This will force the Client to authenticate to the main server.

-----------------------------------------------------
"It's true, its damn true!"
-----------------------------------------------------

 

[terry712]

take the replica off the server that you dont want them to authenticate too - only give rights to data directories

set the default server in their user object

not a great fan off the dhcp option but it works but can cause issues in certain circumstances but if you are using nt's one then it's primitive and will not supprt this functionality

if you issue the slpda through the dhcp (again not sure if nt supports this) then again this will force auth server