Authorization from some IPs

[Sensei]

Hi.

I have a(nother) question for kerberos. As we're setting up a 
centralized login, we have a problem.

Our dept. is made of 8~10 labs, and we'd like to handle logins under 
*one* machine, but distinguish each login request from a lab to another.

I mean, every user should be able to login *only* from a particular lab, 
using the central kerberos auth, and should *not* be able to do so from 
an ip beloging to another lab. Note that we have all static ips and names.

Any hint?
-- 
Sensei <senseiwa:tin.it> <icq:241572242> <msn:Sensei_Sen:hotmail.com>

f u cn rd ths u r usng unx