Is it possible to use variables in the users.allow / users.deny files?
If you are deploying the files through VGP it is possible to use macros. For example, you could restrict access to the AD groups %hostname%-AdminGroup and %hostname%-UsersGroups.. Then create the groups in AD called machinename+staticgroupname.
1 - Computer Configuration | Policies | Unix Settings | Quest Authentication Services | Access Control | double click users.allow Configuration
2 - Then select the Text Replacement Macros
3 - Click Add
4 - In the "Find Text" field type in %hostname%
5 - In the "Replace with" field type in /bin/hostname | /bin/cut -d. -f1
6 - In the "users.allow Configuration" tab, click on "Add Custom"
7 - Select Group button and the type in %hostname%-AdminGroup
8 - Select Group button and the type in %hostname%-UsersGroups
On a UNIX machine with the hostname of host1, this would generate the following /etc/opt/quest/users.allow file.
host1-AdminGroup
host1-UsersGroups
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center