[Samba] Problem listing group membership from Windows

Paul Gienger pgienger at ae-solutions.com
Tue Jun 7 13:10:08 GMT 2005 

> > I planned using ifmember.exe from Windows 2000 resource kit to map the
> right
> > drive-mappings to the right shares with logon-scripts. Unfortunately it
> seems
> > as ifmember simply doesnt report the right groups for the users.

<snip>

> Are there any workaround when I can't use ifmember? I might use preexe to
> create
> a logon-script for each and every user, but that seems very cumbersome and
> hard-to-maintain.
> 
> I'll buy you a beer if anyone can help me on this one :)

I also looked at ifmember for the login script, but after not too long, my
batch file looked like badly cooked spaghetti.  The solution I came up with
was to write a pre-exec on the profiles share (you could use it on netlogon,
but I have reasons) that creates a user-specific login script every time
somebody logs in.  Here are the relevant portions of the smb.conf:

[global]
        logon script = %U.bat

[profiles]
        root preexec = /local/scripts/unifiedPrelogon.pl '%U' '%I'


and a snippit from the login script.  There are some various things in here
that probably don't add up, I've removed some functions to get the essence
of what I'm doing here, but I left in the part about the profile dir
creation, that's my reason for using the profiles directory for the
pre-exec, this keeps me from having to make each user's profile dir.

#!/usr/bin/perl

use Net::LDAP;

$user = $ARGV[0];
$fromHost = $ARGV[1];

my ($profiledir)        = "/export/profiles/$user";
my ($loginScriptPath)   = "/local/samba/netlogon";
my ($groups)            = `/usr/bin/groups $user`;

#################################################################
##              Start to create the logon script               ##
#################################################################

open (LOGON,">$loginScriptPath/$user.bat");
print LOGON "\@ECHO OFF\r\n";
print LOGON "rem Passed args were:\r\n";
print LOGON "rem user: $user\r\n";
print LOGON "rem host: $fromHost\r\n";

#################################################################
##       Make sure that the profile environment is sane        ##
#################################################################
if ( $userSite eq $thisSite )
{
  if ( !-d $profiledir )
  {
    mkdir($profiledir, oct(700));
    $uid = getpwnam($user);
    chown($uid, -1, $profiledir);
  }
}

#################################################################
##                 Start global drive setup                    ##
#################################################################
print LOGON "REM Global setup:\r\n";
print LOGON "REM Delete old drives that may be hanging around\r\n";
print LOGON "IF EXIST B: NET USE B: /delete\r\n";

if ( $groups =~ m/engserv/ )
{
  print LOGON "NET USE L: \\\\bisserv\\engserv\r\n";
}
print LOGON "rundll32 printui.dll,PrintUIEntry /in /n
\"\\\\bisserv\\hp4500\" /r \"\\\\bisserv\\hp4500\" /m \"HP C LaserJet
4500-PS\" /z /q\r\n";

# clean up so we can get out and let things finish
close LOGON;









Paul Gienger                    Office: 701-281-1884
Applied Engineering Inc.
Systems Architect               Fax:    701-281-1322
URL: www.ae-solutions.com       mailto: pgienger at ae-solutions.com

More information about the samba mailing list