On 10/13/98 15:09:38 you wrote:

If "cifs sessions" can print the active CIFS sessions, then how difficult could it possibly be to log when these sessions begin and end?

No more difficult that logging each NFS mount or unmount, or PC-NFS authentication.

I'm picking on CIFS because each user has an individual session, with an identifiable beginning and end.

Not exactly, as has been identified. Furthermore, you can access a "Microsoft Network" without establishing any session with the filer. You claimed you wanted this not for security, but for knowing if an account is active or not... if I log in, but never access the filer, then you don't have a very good indicator.

NFS works totally differently, but we can at least get the info we need from unix logs.

No. As I pointed out, I could access it via PC-NFS, or straight NFS unless you restrict every host. Furthermore, under unix, I could be accessing other people's files - you might not care about this, but I was just pointing out there's another scenario.

A lot of our students have their own PCs in their dorm rooms, so we have no access to these PCs. NT security is not an option for use because we have almost 20,000 accounts now and will eventually have almost 30,000. I haven't calculated what the license fee is for 30,000 users on a NT server.

At this point, I might suggest that support PCs in dorm rooms isn't an option, unless they use PC-NFS. But that's just me. I view the mapping of CIFS access the UNIX ids and files like the filer does to be something of a hack (not the code, but the concept) - I mean, if you don't like the way Microsoft expects you to use CIFS, don't use it. :)

We are using the same NIS maps for our unix servers as for CIFS logins on the netapp. It's real handy for account administration and users have the same password (and same home directory) for both services.

I agree here, but I more universal directory service appears to be in order. LDAP anyone?

Bruce