[Samba] netlogon problems
eehines at comcast.net
Sun Dec 4 20:19:33 GMT 2005
I'm trying to achieve control over who logs into a share according to the
group to which that person belongs, but with no luck. I'm running SUSE Pro
9.3 and Samba 3.0.13, with a Win2k machine on one subnet and an XP laptop
on another subnet. In all cases, the user, instead of getting into his
share transparently, gets invited to log in, and then the login is
rejected. I've run the login.bat from the Windows machines, and that also
only gets access denied. Share valid users is set to %G (%U lets the user
in just fine, but that's inadequate security). Users get into their home
directories just fine.
My login.bat is
net time \\lserver0 /set /yes
net use \\lserver0\accounts
net use \\lserver0\finsvcs
net use x: /home
My [netlogon] share is
comment = Network logon service
path = /data/%U
valid users = %S
read only = No
My [global] is
workgroup = ASTRA_ENT
username map = /etc/samba/smbusers
syslog = 0
name resolve order = wins bcast hosts
printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/groupmod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false -d
logon script = scripts\login.bat
logon path =
logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap ssl = no
I've placed the login.bat file in the share accounts (\data\accounts and
/data/financials in this case), and I've placed the login.bat file in each
user's home directory. Nothing has worked.
I've been through the TOSHARG2 with no luck, and Googleing hasn't brought
me anything I recognized, either. Any help would be greatly appreciated.
There is no nonsense so errant that it cannot be made the creed of the vast
majority by adequate governmental action.
More information about the samba