re: #1271 Kosh’s Shadow

No, this would be such a big security hole that systems would be wide open.

Also, the system needs to log in BEFORE running any scripts; otherwise, just typing the wrong username would run that person’s login script.

Login can be modified to support centralized user management, one-time passwords, biometrics, etc., but that all runs as privileged kernel code. Otherwise, it is too easy to compromise.

plus you have to shake hands with the Domain Controller to gain access to the network..then DHCP will pass you an IP. And if dot802.x is turned up on the cisco switches then without a Corporate issued Certs on the workstation the port will not turn up on the switch or you can just dump the user on to a guest VLAN..