Repost: preexec broken?

CAE Samba Admin caesmb at
Wed Jun 23 17:31:39 GMT 1999

Sorry everyone.  It appears as though my smb.conf didn't make it along
with the original post.  I'm attaching it again.  Thanks...

>> Hello,
>> I'm running a PDC off of 2.0.4b (I know, I know...) and am having some
>> trouble with the "preexec" command for making profile directories.  It
>> appears as though "preexec" isn't even executing.  I've attached my
>> smb.conf file below.  The command string shows up okay with "testparm" and
>> everything works great if I stick change it to a "root preexec"; however,
>> there is no need for this script to be run as root and I want to avoid it
>> as such.  Yes, I have checked permissions on the script to be executed.  I
>> can run the script just fine as a user from a shell.  Samba just seems to
>> ignore it though.  We even ran "truss" on smbd and it simply doesn't look
>> like preexec is there (no errors, inability to access files, etc).  What
>> would be the lowest (ie, most readable) debug log that I could send or
>> make available for some help looking into this?

Cliff Green wrote:

>Well, your smb.conf didn't show up.  However, let me guess - you're using
>the preexec in the [netlogon] share.  What happens when you put it in the
>[homes] share (and mount the users' home directory in your logon script)?

	No, it is in the [profile] share, but that is referenced by "logon
path".  Does the fact that the "preexec" is in a share that NT tried to
connect to at login (vs a user from the command line or a login script)
have anything to do with it?
	This seems unlikely because if I try a "net use z:
\\server\profile /user:username" from a command prompt, the "preexex"
fails as well.

Thanks again,

Kevin Currie

-------------- next part --------------
; /usr/local/samba/lib/smb.conf
; Samba configuration file for
; Created 06/09/99, Kevin Currie

; ----------------- start [global] configuration options -----------------


; Identification parameters

	workgroup = UCS-UNIX
	netbios name = MEDUSA
	server string = UCS-UNIX Primary Domain Controller

; Browse list parameters

	; Note:  This establishes Samba as the browse master for it's domain 
	; and subnet as well as turning on WINS support.  The OS level is set
	; high enough to beat out NT Server if an election is forced.

	domain master = yes
	local master = yes
	preferred master = yes
	os level = 65
	wins support = yes

; Domain control options

	security = user
	domain logons = yes
	encrypt passwords = yes

; Options facilitating login scripts for domain controlled clients

	logon script = %a.bat
	logon drive = h:
	logon path = \\medusa\profile
	dos filetime resolution = yes

; Enable automatic printer configuration and support

	printing = sysv
	load printers = yes
	printcap name = lpstat

; Performance tuning

	oplocks = yes
	lock directory = /usr/local/samba/var/locks
	share modes = yes
	socket options = TCP_NODELAY
	deadtime = 15

; Miscellaneous parameters

	browsable = yes
	follow symlinks = yes
	hide dot files = no

	debug level = 3

; ----------------- end [global] configuration options -----------------

; Template share for user home directories

	printable = yes
	path = /usr/local/samba/spool
	browseable = yes
	guest ok = no

; Template share for user home directories

	comment = Home Directories
	path = %H
	browseable = no
	writable = yes
	hide dot files = yes
	create mask = 644
	directory mask = 755

; Share which Win32 clients connect to for login scripts/policies


	; Note:  The path should be a symlink to a department controlled
	; directory elseware on the file system.

	comment = Logon Scripts
	path = /home6/samba/%m$/netlogon

	force user = nobody
	public = yes
	read only = yes
	follow symlinks = yes
	locking = no

; Share for user profiles


	; Note:  This exists because NT has a bug which maintains a connection
	; to \\server\homes even after a user logs out which causes security
	; problems with profiles

	comment = User Profiles
	path = %H/win32/profile

	force create mode = 0644
	force directory mode = 0755 
	browseable = no
	public = no
	writable = yes
	follow symlinks = yes
	; Note:  This just ensures that the necessary directories exist.
	; This script should be reviewed by the sysadmin, but is considered
	; safe as it is executed as the connecting user

	preexec = /usr/local/samba/scripts/ %U %G %H

More information about the samba-ntdom mailing list