HPE Community
Operating System - HP-UX
1834022 Members
2358 Online
110063 Solutions
New Discussion

Restrict SWAT access question (SAMBA 2.0.7)

 
SOLVED
Go to solution
Please remove this user
Occasional Contributor

‎05-21-2001 11:09 AM

‎05-21-2001 11:09 AM

Restrict SWAT access question (SAMBA 2.0.7)

Hi all,

I have SAMBA 2.0.7 running under HPUX 11.00, and I?d like to restrict the SWAT access from determined IPs. Only authorized IPs must be able to open a browser connection to swat.

Another question is: I?d like to restrict only root user to login through swat. I have more than one user with ID=0, but just one must be able to login by swat.

Does anyone know if its possible ?

TIA.
0 Kudos
Reply
6 REPLIES 6
Shannon Petry
Honored Contributor

‎05-21-2001 01:38 PM

‎05-21-2001 01:38 PM

Solution

Re: Restrict SWAT access question (SAMBA 2.0.7)

Since swat is called with inetd, you can use the file /var/adm/inetd.sec to controll access I believe. Make sure that swat is in /etc/services though, and that you can open the port properly.

The syntax for /var/adm/inetd.sec can be found in
>man inetd.sec

but follows the format

service_name access host1 host2

where service_name is the port NAME as defined by services, access is either allow or deny, and then the host list.

After configuration, run
>inetd -c
to update inet's configuration!

If you have not touched /var/adm/inetd.sec before, make sure to read the man page. There are alot of nice controls you can use.

Regards,
Shannon
Microsoft. When do you want a virus today?
Reply
Stefan Schulz
Honored Contributor

‎05-22-2001 05:54 AM

‎05-22-2001 05:54 AM

Re: Restrict SWAT access question (SAMBA 2.0.7)

Hi Alex,

you can restrict teh access to swat in swat itslefe. Go to the password section and set the user and password to what you want.

We have set the User Name to sadmin. So you can log into swat only with this User Name. You don't have access to the configuration as root.

Hope this helps. Stefan
No Mouse found. System halted. Press Mousebutton to continue.
0 Kudos
Reply
Please remove this user
Occasional Contributor

‎05-22-2001 10:34 AM

‎05-22-2001 10:34 AM

Re: Restrict SWAT access question (SAMBA 2.0.7)

Shannon,

The inetd.sec works really fine, this is just what I was looking for restrict access from determined IPs.

Thanks a lot.
0 Kudos
Reply
Please remove this user
Occasional Contributor

‎05-22-2001 11:27 AM

‎05-22-2001 11:27 AM

Re: Restrict SWAT access question (SAMBA 2.0.7)

Stefan,

I have added one user at SWAT Password section (Server Password Management) like yours "sdamin". But others users can still login in swat. I have disabled one user too, but he can still login in Swat.

Should I do any changes at Global Variables Section ? I have attached my smb.conf file if you want to see it.

TIA.
0 Kudos
Reply
Stefan Schulz
Honored Contributor

‎05-23-2001 12:35 AM

‎05-23-2001 12:35 AM

Re: Restrict SWAT access question (SAMBA 2.0.7)

Hi Alex,

sorry i did misguide you. The accessrestriction here works only because of some specialities of our environment. This is nothin you can port to your site. Sorry that i have overseen this.

As for the access restriction based on IP adresses. The mailinglist says that swat uses host.allow and host.deny. Perhaps this is what you need for this problem.

Hope this helps and please excuse my mistake. Stefan
No Mouse found. System halted. Press Mousebutton to continue.
0 Kudos
Reply
Please remove this user
Occasional Contributor

‎05-23-2001 04:12 AM

‎05-23-2001 04:12 AM

Re: Restrict SWAT access question (SAMBA 2.0.7)

Stefan,

No problem and Thanks anyway.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.