Ricardo,
Some environments do not have active directory.
Antony,
Do you still not understand? I need use Captive Portal to authenticate
my clients. With the use external_acl I getting through your ip your
username that already used in form auth. With this I apply my acls
blocking sites. What happens is that in a terminal server session I use
one different user.
Em 27/06/2013 14:57, Ricardo Klein escreveu:
If you use active diroctory, maybe make your rules based on ldap_group
and not in IP address?
--
Att...
Ricardo Felipe Klein
klein.rfk@xxxxxxxxx
On Thu, Jun 27, 2013 at 2:42 PM, Antony Stone
<Antony.Stone@xxxxxxxxxxxxxxxxxxxx> wrote:
On Thursday 27 Jun 2013 at 19:20:10, Oliveiros Peixoto (Netinho) wrote:
Hi Antony.
I have different acls that permit or deny access to urls. These acls
apply to groups and users where they are identified by the ip/user you
are logged in mysql.
If multiple users log into the same station I will not be able to apply
these acls.
In that case (if you cannot select the correct ACL based on just the user
part, from the group which might use that IP) I cannot think of a solution :(
I'd be interested if anyone else has an alterantive idea, though.
Out of interest, given that the usernames on the terminal server machine must
be unique, and you can therefore identify them to specific people, why can't
you assign userA/IPx to ACL1, userB/IPx to ACL2 etc?
Maybe you're sharing 5 usernames on the terminal server amongst 25 actual
people?
Em 27/06/2013 14:12, Antony Stone escreveu:
On Thursday 27 Jun 2013 at 19:06:45, Oliveiros Peixoto (Netinho) wrote:
Hello everyone!
I would like to clarify some issues with you. I need to set up a captive
portal for authentication of my users. I make this using External_acl
program that getting user and ip in mysql. The problem is that now I
have a windows server where multiple users use the terminal service and
using any browser for navigation making it impossible to authenticate a
user / ip. Does anyone have a solution for this problem?
Can't you just put:
userA / IPx
userB / IPx
userC / IPx
into the database, so that all the users are accepted as coming from the
same IP?
After all, what's the difference from a single PC where different users
could log on, but have the same IP address?
Regards,
Antony.
--
"640 kilobytes (of RAM) should be enough for anybody."
- Bill Gates
Please reply to the list;
please don't CC me.
