Hi everyone!
Simple question, and - I'm afraid - not a simple answer:
Let's say I want to hook up to a domain for network services, but do not
want to allow domain logins on my box, to protect my data, because the
domain administrators are not trustworthy.
Is there a way to give my Linux networking the domain login information
so that the desired services (intranet, mail authentication and the
like) will consider me registered in the domain, but where the only way
to log on to the system is via locally registered user accounts?
Obviously, the computer should only be registered to the domain when
desired, and *after* a local user has logged in.
I am thinking along the lines of this:
- local user logs onto the Debian box
- Debian box has a daemon running that handles access to domain services
- when local user accesses a domain service, the daemon either uses
stored domain logon information (machine account needs to be stored
somewhere after generation, user login is up to the user's taste I
guess), or asks the user for login information
- local user can access domain services as he desires
- after some timeout (optional), the machine unregisters from the domain
(if desired)
I am researching what I can find on the web on this topic in parallel,
but I thought I'd ask here already, in case someone knows right away
what to do.
Best Regards,
Lars