|
Posted by Christian Thies [Ar] on August 17, 2007, 10:52 am
Please log in for more thread options
Flibbitz, thanks for you answer
The domain is exclusive for sharing this service. I've tried to control
username and passwords in a non domain scenario, but I couldn't/don't know
how.
In the other hand, I am actually controlling a much demanded content. So
part of the contract users sign is that I control usernames and passwords
The domain can be removed if I can control access in a group environment
IŽll try the product FlexLM and let you know if fits to my needs
Regards
> Are you trying to use the username that the users use to log into Windows
> as your limiting factor, or is there a separate logon to your "product"?
> If the latter, your product will have to maintain its own set of
> usernames and passwords, and should handle limiting multiple logins
> itself.
> If the former, what is to stop (for one example) the same person from
> logging in twice using different Windows usernames, and using your
> product twice that way? It comes down to who is in control of creating
> the usernames and how users are authenticated.
>
> It sounds like you should "build your product" so that it handles this
> itself, and not rely on altering the behaviour of Windows. No one I know
> would be likely to buy a product if it required changes to their domain
> like what you are asking for (except perhaps if they would use all the
> computers in the domain for nothing but running that one product).
>
> There are situations where there are reasons to limit the number of
> simultaneous logins (such as in a school, to keep students from
> "hogging" multiple computers in a shared lab, for example), and there are
> products that provide this sort of function. However, I can't see much
> desirability in this being done to control access to a single program.
>
> Look at what many commercial programs/packages do - they often use their
> own licencing system that controls who or what computers can run the
> program, and/or limits the number of users/machines that can run the
> program at one time. Actually, they often buy something like FlexLM
> (among others) to include in their product for this sort of thing,
> instead of creating their own licencing system.
>
>
>
>
>> I'm building a product that is accessed with a username and password,
>> and for preventing unauthorized access to it, I need to prevent
>> multiple simultaneous logons with the same username and password
>>
>>
>>
>> Sorry about my English. Let me know if the answer is clear
>>
>>
>>
>> Christian
>>
>>> Why do you need to do this? What security risk do you need to
>>> mitigate?
>>>
>>> Steve Riley
>>> steve.riley@microsoft.com
>>> http://blogs.technet.com/steriley
>>>
>>>
>>>> Hi, I have Windows 2003 domain working. I need to allow only one
>>>> network logon per user.
>>>>
>>>>
>>>>
>>>> The example is:
>>>>
>>>>
>>>>
>>>> User: username
>>>>
>>>> Status: Logged
>>>>
>>>>
>>>>
>>>> If user username try to login from a different machine, and he is
>>>> logged in another, the login attempt must be denied
>>>>
>>>>
>>>>
>>>> How can I accomplish this?
>>>>
>>>>
>>>>
>>>> Thanks in advance
>>>>
>>>>
>>>>
>>>>
>>
>>
>
| 
XML Sitemap