logging connections (and dead time parameter)

John Harper harper at scar.utoronto.ca
Mon Jun 15 20:37:54 GMT 1998

Gerald Carter wrote:
>What you are referring to really has no clean solution.  However, I will
>say this.  The [homes] and [netlogon] shares have an inconsistent lifetime
>you are correct.  What I have done is to perform the logging on an generic
>applicaiotn share that everyone mounts during the login script.  A preexec
>and postexec scripts are used to log to /var/adm/wtmpx.  Shares other than
>[homes] and [netlogon] behave more predictably.  At least this has been my

This would work except you'd have to set dead time to never disconnect
that share, and since it's a global parameter, none of the other
shares would either, which rather ruins the point of having a dead
time parameter. In our labs we could have lots of connections and I
think I will need the idle ones to go away. It would help if dead time
was a per-share parameter, so it could be tuned for the expected
likelihood of use of each share.

Paul Ashton wrote:

>An NT client does call a "logout" RPC. You should see it in your
>logs at the right level. You could stuff in a syslog in the
>NetLogonSamLogon/Logout if that is what you want.

I've found the relevant sections of the code and hacked it to add the
global parameters "login exec" and "logout exec", which are run the
same way root execs are. The login exec seems to be ok, but I'm having
a problem with the logout - at the point in the code where the api
NET_SAMLOGOFF is serviced by the call to api_net_sam_logoff() I can't
seem to identify the user - it looks as though the user is "nobody".
I'd like the username so I can write the proper wtmp entry; but it mostly
works - I have a log file that accurately shows when the machine is being
used and by who. If anyone cares I can produce the diffs for the mods.

I wrote:

> But since netlogon is a fixed name, it may not disconnect at all and
>you can't work around it - and I need the client to connect to it
>each time to trigger the root preexec I use to generate a login.bat
>file on the fly (since I have 6000 users, I don't want to store
>everyone's batch files).

I was running with dead time = 1 to minimize this problem, but in the
end I also had to change the code trivially to allow dead time to be
set to 0 so that Samba drops shares asap after all files are
closed. On my PDC this applies to the profile and specifically to the
NETLOGON share. If I don't do this, then in a busy lab there will be
many times when a person leaves, and the next tries to login when less
than a minute has elapsed they will not get any drive or printer

John Harper
Academic Computing Coordinator
University of Toronto at Scarborough
harper at scar.utoronto.ca

More information about the samba-ntdom mailing list