No subject
Tue Dec 2 02:23:37 GMT 2003
Hello,
First you have to add in your smb.conf file the following
root preexec command
root preexec = /usr/bin/smbstatus -u %u |grep netlogon
> /var/opt/samba/netlogon/users/%u'
When a user log to samba, this command will verify if the
user have already a connection on the ressources netlogon
and will create a file in /var/opt/samba/netlogon/users with
the name of the user and if this is already connected a line
in this file as :
netlogon user users pid machine ip date.
Then we have a script which is run at logon in the command
logon script
logon script = "lance.cmd %I %m %U %G %T "
-----------------------------------lance.cmd
@net time /SET /YES > nul
@net use z: \\infinity\netlogon /persistent:no>nul
@perl z:\deja.pl %3
@if errorlevel 1 goto :dehors
and so ....
goto fin
:dehors
z:\shutd.exe
:fin
in which we call an another script (deja.pl) in perl, if
this script return 1 the connection is refused
-----------------------------deja.pl
--------------------------
#!/usr/bin/perl
use File::Basename;
$nom="z:\\users\\$ARGV[0]";
$cpt=0;
open nom or die "Impossible de trouver le fichier\n";
while( <nom>){
if (/netlogon/i)
{
$cpt=1;
}
}
close nom;
exit( $cpt);
----------------------------smb.conf
;
; /etc/smb.conf
; Sample configuration file for the Samba suite for Debian
GNU/Linux
; Please see the manual page for smb.conf for detailed
description of
; every parameter.
[global]
logon script = "lance.cmd %I %m %U %G %T "
[netlogon]
# Il est particulierement important d'interdire l'acces en
ecriture
# au repertoire netlogon.
(securite)
# Commentaires pour les
clients
comment =
Netlogon
# chemin d'acces a la ressource
partagee
path =
/var/opt/samba/netlogon
writable =
no
browseable =
no
guest ok =
no
oplocks =
True
locking =
no
public =
no
read only =
yes
create mask =
0600
directory mask =
0700
; Drive P: no comment
[homes]
; By default, the home directories are exported read only.
Change next
; parameter to "no" if you want to be able to write to them.
read only = yes
create mask = 0700
writable = yes
available = yes
printable = no
browseable = no
valid users = %S
directory mask = 0700
fake oplocks = no
postexec = /bin/echo "Le %T %u %m %I %S %h ">>
%H/.samba_connexion
path = %H
follow symlinks = yes
root preexec = /usr/bin/smbstatus -u %u |grep netlogon
> /var/opt/samba/netlogon/users/%u'
comment = Repertoire Prive de %U sur %h
Bye
More information about the samba-ntdom
mailing list