Group logon Scripts
Naccarato, Robert
naccarar at bis.adp.com
Fri Jan 7 18:02:39 GMT 2000
> I use the following script in the root preexec field for the netlogon
> share,called by tthis command:
> perl /home/netlogon/logon_script %u %m %g
According to smb.conf(1), %g only returns the primary group
of the user (as you've noted below). If you want to retreive all the
groups,
you could forget about %g altogether and use perl's getgr routines
and such to get all the groups that a user belongs to.
This way, if a user belongs to, say, 2 groups, you could set
up separate net use's, for example, that are appropriate for each group.
If user A belongs to group 1 and user B belongs to group 2, you have
different settings for each. What about user C who belongs to both
groups 1 and 2 and needs both groups' settings?
My take on it:
You could set up an array of all the groups that a user belongs to
like this:
$username=$ARGV[0];
setgrent();
while (@grline=getgrent()) {
(@users)=split(' ',$grline[3]);
if (grep(/^$username$/, at users)) {
push(@groups,$grline[0]);
}
}
# Uncomment to debug
#print "$username belongs to:\n";
#foreach $group (@groups) {
# print "$group\n";
#}
So, @groups is a list that contains all the group names that the
user belongs to. See changes to your code below.
>
> Then the logon script is set to :%u.bat
>
> It works great with the only problem being with users belonging to
> multiple groups, this will only select the users primary group to
> create a logon script.
>
See above.
> I am also including my root postexec script for the netlogon share.
>
>
> #!/usr/bin/perl
> #
> # log when a user "logs into the network"
> # and generate a custom logon script
> #
> ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
> localtime(time);
> $month = ('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul',
> 'Sep', 'Oct', 'Nov', 'Dec')[$mon];
> open LOG, ">>/var/log/samba/netlogon.log";
> print LOG "$month $mday $hour:$min:$sec\t$ARGV[0] logged into
> $ARGV[1]\n";
> close LOG;
That is really a great idea. Wish I'd thought of it. But don't
Samba's log files give you this info already?
>
> $command = "rm /home/netlogon/$ARGV[0].bat";
> open (COMMAND, "|bash");
> print COMMAND $command;
> close (COMMAND);
Instead of all that, just use:
unlink("/home/netlogon/$ARGV[0].bat");
(better check if that is syntactically correct, tho' ;) )
> open LOGON, ">>/home/netlogon/$ARGV[0].bat";
> print LOGON "\@echo off\r\n";
> print LOGON "set pml=h:\\pmail\r\n";
> print LOGON "set pmr=h:\\pmail\r\n";
> print LOGON "NET USE X: \\\\titan\\$ARGV[0]\r\n";
> print LOGON "NET USE H: \\\\titan\\H\r\n";
> print LOGON "NET USE I: \\\\titan\\I\r\n";
> print LOGON "NET USE V: \\\\titan\\V\r\n";
>
[snip]
>
> if ($ARGV[2] eq 'imaging') {
> print LOGON "NET USE S: \\\\roo\\smartcd\r\n";
> print LOGON "NET USE T: \\\\roo\\image_vol\r\n";
> print LOGON "NET USE U: \\\\roo\\sybase\r\n";
> }
Ok, now instead of using if ($ARGV[2])..., use grep:
if (grep(/^imaging$/, at groups)) {
print LOGON "net use .......\r\n"
...
}
> print LOGON "NET TIME \\\\titan /SET /YES\r\n";
>
> close LOGON;
>
> --------------------------------------------------------------
> ------------------------------------
>
>
> #!/usr/bin/perl
> #
> # log when a user "logs out of the network"
> # and delete their logon script
> #
> ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
> localtime(time);
> $month = ('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul',
> 'Sep', 'Oct', 'Nov', 'Dec')[$mon];
> open LOG, ">>/var/log/samba/netlogon.log";
> print LOG "$month $mday $hour:$min:$sec\t$ARGV[0] logged out.\n";
> close LOG;
>
> $command = "rm /home/netlogon/$ARGV[0].bat";
> open (COMMAND, "|bash");
> print COMMAND $command;
> close (COMMAND);
Again, unlink("$ARGV[0].bat");
Just my $0.02...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 3672 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20000107/acc38a2f/attachment.bin
More information about the samba
mailing list