Repost: preexec broken?
CAE Samba Admin
caesmb at lab2.cc.wmich.edu
Wed Jun 23 17:31:39 GMT 1999
Sorry everyone. It appears as though my smb.conf didn't make it along
with the original post. I'm attaching it again. Thanks...
>> Hello,
>>
>> I'm running a PDC off of 2.0.4b (I know, I know...) and am having some
>> trouble with the "preexec" command for making profile directories. It
>> appears as though "preexec" isn't even executing. I've attached my
>> smb.conf file below. The command string shows up okay with "testparm" and
>> everything works great if I stick change it to a "root preexec"; however,
>> there is no need for this script to be run as root and I want to avoid it
>> as such. Yes, I have checked permissions on the script to be executed. I
>> can run the script just fine as a user from a shell. Samba just seems to
>> ignore it though. We even ran "truss" on smbd and it simply doesn't look
>> like preexec is there (no errors, inability to access files, etc). What
>> would be the lowest (ie, most readable) debug log that I could send or
>> make available for some help looking into this?
Cliff Green wrote:
>Well, your smb.conf didn't show up. However, let me guess - you're using
>the preexec in the [netlogon] share. What happens when you put it in the
>[homes] share (and mount the users' home directory in your logon script)?
No, it is in the [profile] share, but that is referenced by "logon
path". Does the fact that the "preexec" is in a share that NT tried to
connect to at login (vs a user from the command line or a login script)
have anything to do with it?
This seems unlikely because if I try a "net use z:
\\server\profile /user:username" from a command prompt, the "preexex"
fails as well.
Thanks again,
Kevin Currie
-------------- next part --------------
; /usr/local/samba/lib/smb.conf
; Samba configuration file for medusa.lab2.cc.wmich.edu
; Created 06/09/99, Kevin Currie
; ----------------- start [global] configuration options -----------------
[global]
; Identification parameters
workgroup = UCS-UNIX
netbios name = MEDUSA
server string = UCS-UNIX Primary Domain Controller
; Browse list parameters
; Note: This establishes Samba as the browse master for it's domain
; and subnet as well as turning on WINS support. The OS level is set
; high enough to beat out NT Server if an election is forced.
domain master = yes
local master = yes
preferred master = yes
os level = 65
wins support = yes
; Domain control options
security = user
domain logons = yes
encrypt passwords = yes
; Options facilitating login scripts for domain controlled clients
logon script = %a.bat
logon drive = h:
logon path = \\medusa\profile
dos filetime resolution = yes
; Enable automatic printer configuration and support
printing = sysv
load printers = yes
printcap name = lpstat
; Performance tuning
oplocks = yes
lock directory = /usr/local/samba/var/locks
share modes = yes
socket options = TCP_NODELAY
deadtime = 15
; Miscellaneous parameters
browsable = yes
follow symlinks = yes
hide dot files = no
debug level = 3
; ----------------- end [global] configuration options -----------------
; Template share for user home directories
[printers]
printable = yes
path = /usr/local/samba/spool
browseable = yes
guest ok = no
; Template share for user home directories
[homes]
comment = Home Directories
path = %H
browseable = no
writable = yes
hide dot files = yes
create mask = 644
directory mask = 755
; Share which Win32 clients connect to for login scripts/policies
[netlogon]
; Note: The path should be a symlink to a department controlled
; directory elseware on the file system.
comment = Logon Scripts
path = /home6/samba/%m$/netlogon
force user = nobody
public = yes
read only = yes
follow symlinks = yes
locking = no
; Share for user profiles
[profile]
; Note: This exists because NT has a bug which maintains a connection
; to \\server\homes even after a user logs out which causes security
; problems with profiles
comment = User Profiles
path = %H/win32/profile
force create mode = 0644
force directory mode = 0755
browseable = no
public = no
writable = yes
follow symlinks = yes
; Note: This just ensures that the necessary directories exist.
; This script should be reviewed by the sysadmin, but is considered
; safe as it is executed as the connecting user
preexec = /usr/local/samba/scripts/profile.sh %U %G %H
More information about the samba-ntdom
mailing list