[Samba] Mapping directories based on group membership
Paul Gienger
pgienger at ae-solutions.com
Sat Mar 13 23:01:00 GMT 2004
Craig White wrote:
>On Fri, 2004-03-12 at 17:35, Scott Gross wrote:
>
>
>>
>>I'm using Samba 3.0.2 and LDAP backend. I have users assigned to groups
>>based on their departments. I also have a directory created for each
>>department. What I want to do is map a drive letter to a user's department
>>directory. The groups are also secondary groups as the primary group for
>>every user is 'Domain Users'. Does anyone know a way to accomplish this?
>>What I'm kind of looking for is a group home directory type situation?
>>
>>
>-----
>did you check out the sample logon scripts that came with samba - also
>the one of interest is in the 'how-to'
><http://us1.samba.org/samba/docs/man/AdvancedNetworkManagement.html#id2958990>
>
>Craig
>
>
We do this quite a bit using the pre-exec parameter and the UNIX groups
command . What we do is like so. In smb.conf:
[netlogon]
path = /opt/samba/share/netlogon
browseable = No
root preexec = /opt/samba/bin/prelogon.pl %U
and then in the prelogon script, this is in there someplace:
$groups = `/usr/bin/groups $user`;
chomp $groups;
which gives us the info on what groups this user is part of. On solaris
the content of $groups looks like:
itserv itadmin isdevel office projects isadminbis Domain Admins
on RedHat 9 there's a slight variation like this:
pgienger : itserv itadmin isdevel office projects isadminbis Domain Admins
Leter you can test against the string like so:
if ( $groups =~ m/itadmin/ )
{
print LOGON "NET USE Q: \\\\servername\\itadmin\r\n";
}
You'll have to be careful that if you have groups named like somegroup
and notsomegroup where the first is a substring of the second, that you
don't match the longer when you are looking for the shorter. You can
change the regex to fix that, but I'm lazy so I haven't in mine yet. I
used to use the ifmember script, but that only gives you the primary
unix group. It will give you all the NT groups, but only the primary
unix one.
Paul
More information about the samba
mailing list