Lookup table: Restrict specified accounts on specified IP
Hi, I have tried to searching around the forum but didn't found the similar case, so this thread is posted, hoping that anyone could enlight me~ Thx.
OK, this is the case:
We would like to restrict the login accounts could ONLY login from the specified IP address, for example: user a/c firstname.lastname@example.org is able to login from ip 10.0.0.1 ONLY, attempts from other IPs would deny his login even with the correct password!
What I thought is, creating a table (with email a/c, pwd, ip address) for lookup while the user login to the ZCS - an additional script to intercept the user's input and check the current ip address, then search the login name on the table, it will check whether the pwd is correct and whether the current ip match the allowed ip ONLY IF the login name is found on the table. The login name which did not contained on the table will just go ahead without further action~
We need to do so because:
1/ our environment is the retail chain stores
2/ the shop staff will working on different shops from time to time
3/ the shop PC will shutdown everyday so they have to know the password
4/ it's not practical to change the pwd frequently as the staff not familiar with IT
5/ we don't want the shop staff open other shop's mailbox
Does anyone know where should I go for it? Many thanks~
OS=Ubuntu 8.04 LTS
Current: Release 5.0.10_GA_2638.UBUNTU8 UBUNTU8 FOSS edition
Current: Release 5.0.2_GA_1975.openSUSE_10.2_20080130231825 UNKNOWN FOSS edition
Prior: Release 4.5.6_GA_1044.SuSE10_20070706142147 openSUSE_10.2 FOSS edition