[plug] telnet server question

[Craig Ringer]

> I have been a silent member of the list for a while now and  have 
> managed to pick up a wealth of information about various bits and 
> pieces. The question that I would like to ask concerns telnet. 

The obligatory question: is SSH a viable alternative to telnet in your 
situation? There are Windows clients such as Putty, if needed, that are 
very good, and telnet is a security NIGHTMARE on anything but a trusted 
network. Switched networks are better than those with hubs involved, 
whereas telnet over the internet is a big no-no security wise.

> I would 
> like to set up a telnet server on the computer that I have set up as a 
> PDC runing samba, but i want to restrict availability to log in to a 
> small set of users with M$ "Domain Admins" rights. 

Interesting...

> Is there a simple 
> conf file that I've missed or is there another solution out there, or is 
> something that is in the too hard basket?, 

I doubt there's a simple config available, but it might well be 
possible. Since your Samba box is the PDC, I presume the user and group 
info is stored on that machine - you're not using winbind or anything to 
authenticate to a remote server?

If this (local user account info) is the case, you might be in luck. If 
there's a single group you can lump all the domain admins into, it 
shouldn't be too hard to use pam_limits and 
/etc/security/pam_limits.conf to achieve what you want to do.

If you can provide some more details about your configuration, such as 
Samba version and how your user accounts are stored (smbpasswd, LDAP, 
/etc/passwd, some other PAM method, etc) then maybe it'll be possible to 
give a more detailed answer.

> also can you restrict the IP 
> range that has telnet access as well?

This is easier. Read 'man 5 hosts_access' for more info.

> Any hints, answers or solution would be greatly appreciated.

If possible, use SSH.

Craig Ringer