[Samba] netlogon problems
eehines at comcast.net
Fri Dec 9 01:43:02 GMT 2005
You have not misunderstood my post; I have mis-described my problem. The
logon script will not run until the user gets connected to his/her share on
the samba server, and I cannot get the user connected in the first place.
I have a better description of my problem (finally) under the thread
"[Samba] Share Connection Failure." Your points are valid, though, and I
will take them to heart when I get the point of getting connected so that
the logon script has a chance to run.
Do you have any advice on the basic connection problem?
At 12/08/05 01:25, Matthew Easton wrote:
>Pardon me if I misunderstand your post...
>I think you want to present a logon script to the user based on her/ his
>In other words, ( I surmise ) currently Fred gets an invitation to
>logon to finsvcs, but it will necessarily fail unless he is a member
>of the finance group. So you want him to have a logon script that
>DOES NOT mount finsvcs share if he is not a member of finance.
>I note that the "logon script" directive in you [global] settings has
>no value. In a small environment, you can make that
> logon script = /some/path/%u.bat
>and give each user a unique logon script. In a larger environment
>you want to control scripts by group membership---
>check out http://lists.samba.org/archive/samba/2002-March/040656.html
>as an example of ways to control logon by group.
>On Dec 4, 2005, at 12:19 PM, Eric Hines wrote:
>>I'm trying to achieve control over who logs into a share according
>>to the group to which that person belongs, but with no luck. I'm
>>running SUSE Pro 9.3 and Samba 3.0.13, with a Win2k machine on one
>>subnet and an XP laptop on another subnet. In all cases, the user,
>>instead of getting into his share transparently, gets invited to
>>log in, and then the login is rejected. I've run the login.bat
>>from the Windows machines, and that also only gets access denied.
>>Share valid users is set to %G (%U lets the user in just fine, but
>>that's inadequate security). Users get into their home directories
>>My login.bat is
>>net time \\lserver0 /set /yes
>>net use \\lserver0\accounts
>>net use \\lserver0\finsvcs
>>net use x: /home
>>My [netlogon] share is
>> comment = Network logon service
>> path = /data/%U
>> valid users = %S
>> read only = No
>>My [global] is
>> workgroup = ASTRA_ENT
>> username map = /etc/samba/smbusers
>> syslog = 0
>> name resolve order = wins bcast hosts
>> printcap name = CUPS
>> show add printer wizard = No
>> add user script = /usr/sbin/useradd -m '%u'
>> delete user script = /usr/sbin/userdel -r '%u'
>> add group script = /usr/sbin/groupadd '%g'
>> delete group script = /usr/sbin/groupdel '%g'
>> add user to group script = /usr/sbin/groupmod -G '%g' '%u'
>> add machine script = /usr/sbin/useradd -s /bin/false -d /
>> var/lib/nobody '%u'
>> logon script = scripts\login.bat
>> logon path =
>> logon drive = X:
>> domain logons = Yes
>> preferred master = Yes
>> wins support = Yes
>> ldap ssl = no
>>I've placed the login.bat file in the share accounts (\data \accounts and
>>/data/financials in this case), and I've placed the
>>login.bat file in each user's home directory. Nothing has worked.
>>I've been through the TOSHARG2 with no luck, and Googleing hasn't
>>brought me anything I recognized, either. Any help would be
>>There is no nonsense so errant that it cannot be made the creed of
>>the vast majority by adequate governmental action.
>> --Bertrand Russell
>>To unsubscribe from this list go to the following URL and read the
There is no nonsense so errant that it cannot be made the creed of the vast
majority by adequate governmental action.
More information about the samba