Limit concurrent logins to multiple desktops on LDAP Linux network?

linux login ldap

After searching it doesn't look like LDAP or Kerberos will do this. Apparently there is no attribute for it in LDAP and there really is no way for it to work from an LDAP perspective. There's no logout from LDAP, so it would never be able to decrement the login count.

Given this, it appears that the solution will have to be ad hoc.

You'll need a service that monitors /var/run/utmp or the command w (shows users currently logged in) on each machine and reports it to a central server by some mechanism (nfs mount + text file, for example).

Then, you'll need a login script that kicks the user out if they've exceeded the limit of concurrent logins. The login script would read from the central server what the current login count is. Alternatively, you could have a service that modifies the maxlogins in /etc/security/limits.conf based on the value of the login count retrieved from the central server.

maxlogins = $total_logins - $current_logins

Basically, the most important consideration is that the users don't have permission to change the login count themselves or they could just manually change the value to allow more logins.

Related

IIS6: How to troubleshoot a 404 error in an ASP.NET application?
Mount an ext3 partition with a 16k blocksize?
Best practices to set up laptop with wireless and wired interface/NIC over DHCP?
Need help finding what is wrong with my .htaccess not being read
LDAP for privilege control?
Tomcat 6 IP address restrictions
Broken URL rewriting on Django/modwsgi setup
Optimal SVN server configuration for personal use
Please explain the following o/p of "top" command
Where to set "PHP_FCGI_MAX_REQUESTS" (lighttpd)
Roaming user profile issues on Server 2008
Slow SSD Read on Server 2008 SP2