oregonisonline
asked on
Control users login/logout times and force logoff?
Hello.
I currently use rh9. Have a nice little box that I'm using as an internet gateway/squid transparent proxy. I would like to force network clients to log off and kill internet access after a certain time of day.
Can someone please point me in the right direction?
BTW, the clients are all winxppro boxes. Domain logn to SAMBA running on the same box. IPTABLES for the firewall scripts.
Thanks.
I currently use rh9. Have a nice little box that I'm using as an internet gateway/squid transparent proxy. I would like to force network clients to log off and kill internet access after a certain time of day.
Can someone please point me in the right direction?
BTW, the clients are all winxppro boxes. Domain logn to SAMBA running on the same box. IPTABLES for the firewall scripts.
Thanks.
Hi Oregonisonline,
I think this deservers some more explanations :
- what do you mean by "Log Off" ? Do you mean log the off from their client computer ? If so, it looks like a Windows problem (assuming the clients are running Windows).
- you want to "kill internet access after a certain time of day"... suspect you want to re-authorize it after a certain other time of the day too. If you want to disable ALL access, and if your box is doing NAT (masquerading) or routing for the clients, I'd use cron to remove / add your NAT rule, hence completely disabling / enabling Internet access.
I think this deservers some more explanations :
- what do you mean by "Log Off" ? Do you mean log the off from their client computer ? If so, it looks like a Windows problem (assuming the clients are running Windows).
- you want to "kill internet access after a certain time of day"... suspect you want to re-authorize it after a certain other time of the day too. If you want to disable ALL access, and if your box is doing NAT (masquerading) or routing for the clients, I'd use cron to remove / add your NAT rule, hence completely disabling / enabling Internet access.
" I would like to force network clients to log off and kill internet access after a certain time of day."
A very easy but not very elegant method would be to have a cron job setup for a certain time which contains the command "service network stop". Then have a cron job setup for the time you want to allow access again which has the command "service network start".
A very easy but not very elegant method would be to have a cron job setup for a certain time which contains the command "service network stop". Then have a cron job setup for the time you want to allow access again which has the command "service network start".
Just as a note... if you "network stop", you don't only kill internet access for the users but kick any kind of Internet communication for your gateway : no more remote admin, backup, monitoring, mail, nothing....
It's maybe not what you want.
It's maybe not what you want.
You might just want to run a cron job to kill all the users login sessions (or remote user's login).
Please defind what you mean by "Control users login/logout times and force logoff"?
Do you mean kick off all the user at the same time of the day? if so, use cron to kill all the
normal user's process will do the job for you.
Please defind what you mean by "Control users login/logout times and force logoff"?
Do you mean kick off all the user at the same time of the day? if so, use cron to kill all the
normal user's process will do the job for you.
ASKER
Sorry I didn't jump back on earlier. I'll try and make this a little more clear.
I may have to push this to a Windows2000 Domain controller with ISA server. It's starting to look that way.
In a Windows domain, you can set local and domain security policies which include the ability to force a user's logoff of the domain (and machine) to include network access at a specified time of day. Each user can be different.
I don't want to just do a network stop on the linux box, as there are other users who will have unrestricted access to the internet and other network functions.
Basically, want the kids to be forced to log off their machines by 10 pm m-f 11:30 pm on the weekends, while allowing the adults to continue access as normal.
I hope this clears it up a bit.
I may have to push this to a Windows2000 Domain controller with ISA server. It's starting to look that way.
In a Windows domain, you can set local and domain security policies which include the ability to force a user's logoff of the domain (and machine) to include network access at a specified time of day. Each user can be different.
I don't want to just do a network stop on the linux box, as there are other users who will have unrestricted access to the internet and other network functions.
Basically, want the kids to be forced to log off their machines by 10 pm m-f 11:30 pm on the weekends, while allowing the adults to continue access as normal.
I hope this clears it up a bit.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
yuzh: I sure hope he has no kid named "joe" (would kill the joe editor) or "ache" (would kill apache) :P
-> ps -U $name looks better :P
Anyways, I have the feeling oregonisonline's problem is a Windows problem, not a Unix one.
-> ps -U $name looks better :P
Anyways, I have the feeling oregonisonline's problem is a Windows problem, not a Unix one.
ASKER
Since it appears that there is no "graceful" way to make this happen with Linux, I'm gonna go the Windows route.
Not too happy about that though.
Thanks for all of the great posts. Yuz came the closest to what I was looking for so points awarded to him.
Not too happy about that though.
Thanks for all of the great posts. Yuz came the closest to what I was looking for so points awarded to him.
For scheduling solution "crontab" is used. You can schedule any job for different periods of time.
A short and easy documentation for crontab:
http://www.nerc-online.com/support/www/crontab.html
have fun.