[Samba] netlogon problems

Eric Hines eehines at comcast.net
Fri Dec 9 01:43:02 GMT 2005

You have not misunderstood my post; I have mis-described my problem.  The 
logon script will not run until the user gets connected to his/her share on 
the samba server, and I cannot get the user connected in the first place.

I have a better description of my problem (finally) under the thread 
"[Samba] Share Connection Failure."  Your points are valid, though, and I 
will take them to heart when I get the point of getting connected so that 
the logon script has a chance to run.

Do you have any advice on the basic connection problem?


Eric Hines

At 12/08/05 01:25, Matthew Easton wrote:
>Pardon me if I misunderstand your post...
>I think you want to present a logon script to the user based on her/ his 
>group membership.
>In other words, ( I surmise ) currently Fred gets an invitation to
>logon to finsvcs, but it will necessarily fail unless he is a member
>of the finance group.  So you want him to have a logon script that
>DOES NOT mount finsvcs share if he is not a member of finance.
>I note that the "logon script" directive in you [global] settings has
>no value.  In a  small environment, you can make that
>         logon script = /some/path/%u.bat
>and give each user a unique logon script.  In a larger environment
>you want to control scripts by group membership---
>check out http://lists.samba.org/archive/samba/2002-March/040656.html
>as an example of ways to control logon by group.
>On Dec 4, 2005, at 12:19 PM, Eric Hines wrote:
>>I'm trying to achieve control over who logs into a share according
>>to the group to which that person belongs, but with no luck.  I'm
>>running SUSE Pro 9.3 and Samba 3.0.13, with a Win2k machine on one
>>subnet and an XP laptop on another subnet.  In all cases, the user,
>>instead of getting into his share transparently, gets invited to
>>log in, and then the login is rejected.  I've run the login.bat
>>from the Windows machines, and that also only gets access denied.
>>Share valid users is set to %G (%U lets the user in just fine, but
>>that's inadequate security).  Users get into their home directories
>>just fine.
>>My login.bat is
>>net time \\lserver0 /set /yes
>>net use \\lserver0\accounts
>>net use \\lserver0\finsvcs
>>net use x: /home
>>My [netlogon] share is
>>         comment = Network logon service
>>         path = /data/%U
>>         valid users = %S
>>         read only = No
>>My [global] is
>>         workgroup = ASTRA_ENT
>>         username map = /etc/samba/smbusers
>>         syslog = 0
>>         name resolve order = wins bcast hosts
>>         printcap name = CUPS
>>         show add printer wizard = No
>>         add user script = /usr/sbin/useradd -m '%u'
>>         delete user script = /usr/sbin/userdel -r '%u'
>>         add group script = /usr/sbin/groupadd '%g'
>>         delete group script = /usr/sbin/groupdel '%g'
>>         add user to group script = /usr/sbin/groupmod -G '%g' '%u'
>>         add machine script = /usr/sbin/useradd -s /bin/false -d / 
>> var/lib/nobody '%u'
>>         logon script = scripts\login.bat
>>         logon path =
>>         logon drive = X:
>>         domain logons = Yes
>>         preferred master = Yes
>>         wins support = Yes
>>         ldap ssl = no
>>I've placed the login.bat file in the share accounts (\data \accounts and 
>>/data/financials in this case), and I've placed the
>>login.bat file in each user's home directory.  Nothing has worked.
>>I've been through the TOSHARG2 with no luck, and Googleing hasn't
>>brought me anything I recognized, either.  Any help would be
>>greatly appreciated.
>>Eric Hines
>>There is no nonsense so errant that it cannot be made the creed of
>>the vast majority by adequate governmental action.
>>         --Bertrand Russell
>>To unsubscribe from this list go to the following URL and read the
>>instructions:  https://lists.samba.org/mailman/listinfo/samba

There is no nonsense so errant that it cannot be made the creed of the vast 
majority by adequate governmental action.
         --Bertrand Russell

More information about the samba mailing list