No subject


Tue Dec 2 02:23:37 GMT 2003 

Hello,


First you have to add in your smb.conf file the following
root preexec command

   root preexec    = /usr/bin/smbstatus -u %u |grep netlogon
> /var/opt/samba/netlogon/users/%u'

When a user log to samba, this command will verify if the
user have already a connection on the ressources netlogon
and will create a file in /var/opt/samba/netlogon/users with
the name of the user and if this is already connected a line
in this file as :
netlogon  user users pid machine ip date.

Then we have a script which is run at logon in the command
logon script

 logon script = "lance.cmd %I %m %U %G %T "

-----------------------------------lance.cmd

@net time /SET /YES > nul
@net use z: \\infinity\netlogon /persistent:no>nul
@perl z:\deja.pl %3
@if errorlevel 1 goto :dehors

and so ....
goto fin
:dehors
z:\shutd.exe
:fin


in which we call an another script (deja.pl) in perl, if
this script return 1 the connection is refused 

-----------------------------deja.pl
--------------------------
#!/usr/bin/perl
use File::Basename; 
$nom="z:\\users\\$ARGV[0]";
$cpt=0;
open nom or die "Impossible de trouver le fichier\n";
while( <nom>){
    if (/netlogon/i)
    {
	$cpt=1;
    }
  }
  close nom;
exit( $cpt);

----------------------------smb.conf
;
; /etc/smb.conf
; Sample configuration file for the Samba suite for Debian
GNU/Linux
; Please see the manual page for smb.conf for detailed
description of
;	every parameter.

[global]

   logon script = "lance.cmd %I %m %U %G %T "

[netlogon]                                                             
# Il est particulierement important d'interdire l'acces en
ecriture    
# au repertoire netlogon.
(securite)                                   
# Commentaires pour les
clients                                        
        comment         =
Netlogon                                     
# chemin d'acces a la ressource
partagee                               
        path            =
/var/opt/samba/netlogon                              
        writable        =
no                                           
        browseable      =
no                                           
        guest ok          =
no                                         
        oplocks         =
True                                         
        locking         =
no                                           
        public          =
no                                           
        read only       =
yes                                          
        create mask     =
0600                                         
        directory mask  =
0700                                         

; Drive P: no comment
[homes]
; By default, the home directories are exported read only.
Change next
;	parameter to "no" if you want to be able to write to them.
   read only = yes
   create mask = 0700
   writable = yes 
   available = yes 
   printable = no
   browseable = no 
   valid users = %S 
   directory mask = 0700
   fake oplocks = no 
   postexec = /bin/echo "Le %T %u %m %I %S %h ">>
%H/.samba_connexion 
   path = %H 
   follow symlinks = yes 
   root preexec    = /usr/bin/smbstatus -u %u |grep netlogon
> /var/opt/samba/netlogon/users/%u'
   comment         = Repertoire Prive de %U sur %h



Bye

More information about the samba-ntdom mailing list