Fwd: RE: Group logon Scripts

Brian Ginter brian.ginter at southern-air.com
Wed Feb 23 13:09:47 GMT 2000 

I have a similar situation and have assigned all users to varying primary groups.  It
works OK but could be better. I am including an e-mail from the samba list that improves
on my login/out scripts.  I have not had a chance to try the improvements yet.  Good
luck.

Forwarded From: "Naccarato, Robert" <naccarar at bis.adp.com>

> 
> > I use the following script in the root preexec field for the netlogon 
> > share,called by tthis command:
> > perl /home/netlogon/logon_script %u %m %g
> 
> According to smb.conf(1), %g only returns the primary group
> of the user (as you've noted below).  If you want to retreive all the
> groups,
> you could forget about %g altogether and use perl's getgr routines
> and such to get all the groups that a user belongs to.
> This way, if a user belongs to, say, 2 groups, you could set
> up separate net use's, for example, that are appropriate for each group.
> 
> If user A belongs to group 1 and user B belongs to group 2, you have
> different settings for each.  What about user C who belongs to both
> groups 1 and 2 and needs both groups' settings?
> 
> My take on it:
> You could set up an array of all the groups that a user belongs to
> like this:
> 
> $username=$ARGV[0];
> setgrent();
> while (@grline=getgrent()) {
>         (@users)=split(' ',$grline[3]);
>         if (grep(/^$username$/, at users)) {
>                 push(@groups,$grline[0]);
>         }
> }
> # Uncomment to debug
> #print "$username belongs to:n";
> #foreach $group (@groups) {
> #        print "$groupn";
> #}
> 
> So, @groups is a list that contains all the group names that the
> user belongs to.  See changes to your code below.
> 
> > 
> > Then the logon script is set to :%u.bat
> > 
> > It works great with the only problem being with users belonging to 
> > multiple groups, this will only select the users primary group to 
> > create a logon script.
> > 
> 
> See above.
> 
> > I am also including my root postexec script for the netlogon share.
> > 
> > 
> > #!/usr/bin/perl
> > #
> > # log when a user "logs into the network"
> > # and generate a custom logon script
> > #
> > ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = 
> > localtime(time);
> > $month = ('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 
> > 'Sep', 'Oct', 'Nov', 'Dec')[$mon];
> > open LOG, ">>/var/log/samba/netlogon.log";
> > print LOG "$month $mday $hour:$min:$sect$ARGV[0] logged into 
> > $ARGV[1]n";
> > close LOG;
> 
> That is really a great idea. Wish I'd thought of it.  But don't
> Samba's log files give you this info already?
> 
> > 
> > $command = "rm /home/netlogon/$ARGV[0].bat";
> > open (COMMAND, "|bash");
> > print COMMAND $command;
> > close (COMMAND);
> 
> Instead of all that, just use:
> unlink("/home/netlogon/$ARGV[0].bat");
> 
> (better check if that is syntactically correct, tho' ;) )
> 
> > open LOGON, ">>/home/netlogon/$ARGV[0].bat";
> > print LOGON "@echo offrn";
> > print LOGON "set pml=h:\pmailrn";
> > print LOGON "set pmr=h:\pmailrn";
> > print LOGON "NET USE X: \\titan\$ARGV[0]rn";
> > print LOGON "NET USE H: \\titan\Hrn";
> > print LOGON "NET USE I: \\titan\Irn";
> > print LOGON "NET USE V: \\titan\Vrn";
> > 
> [snip]
> > 
> > if ($ARGV[2] eq 'imaging') {
> >     print LOGON "NET USE S: \\roo\smartcdrn";
> >     print LOGON "NET USE T: \\roo\image_volrn";
> >     print LOGON "NET USE U: \\roo\sybasern";
> > }
> 
> Ok, now instead of using if ($ARGV[2])..., use grep:
> 
> if (grep(/^imaging$/, at groups)) {
> 	print LOGON "net use .......rn"
> 	...
> }
> 
> > print LOGON "NET TIME \\titan /SET /YESrn";
> > 
> > close LOGON;
> > 
> > --------------------------------------------------------------
> > ------------------------------------
> > 
> > 
> > #!/usr/bin/perl
> > #
> > # log when a user "logs out of the network"
> > # and delete their logon script
> > #
> > ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = 
> > localtime(time);
> > $month = ('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 
> > 'Sep', 'Oct', 'Nov', 'Dec')[$mon];
> > open LOG, ">>/var/log/samba/netlogon.log";
> > print LOG "$month $mday $hour:$min:$sect$ARGV[0] logged out.n";
> > close LOG;
> > 
> > $command = "rm /home/netlogon/$ARGV[0].bat";
> > open (COMMAND, "|bash");
> > print COMMAND $command;
> > close (COMMAND);
> 
> Again, unlink("$ARGV[0].bat");
> 
> 
> Just my $0.02...
> 



-- 
Brian Ginter
Southern Air, Inc.
brian.ginter at southern-air.com

More information about the samba mailing list