[Samba] Connection scripts with the 'prexec' clause
Shaun Marolf
shaun.marolf at gmail.com
Mon Aug 14 20:16:57 GMT 2006
On Monday 14 August 2006 14:57, Maurice Forte wrote:
> Hi all,
>
> I am running Samba 3.0.20B on an AIX server with SECURITY=USER using an
> LDAP backend. I am looking for a way to capture the actual
> username(%USER_NAME%) that
> the client user is logged onto his individual workstation with and compare
> it with the user(%u) they are connecting with the share as. If they are
> different, I want to reject the user's connection. After doing some
> reading, it appears that a connection script with the 'preexec' clause is
> the way to go but the Samba environment variables only can intrepret
> client's hostname, netbios name, and ip address. Is there a way for me
> to capture the client's logon id(%USERNAME%) or accomplish this task
> another way?
>
> Thanks in advance,
> Maurice Forte
I believe you can use LDAP to handle the security measures you are talking
about. I don't know how to set LDAP to do that but someone in a LDAP forum
should.
However, keep in mind such a scheme may cause an issue if you have users
working on a shared project that is kept in one, or both, of their users
folders on the server. You should allow users the option to let other users
access their files if need be. Again I have no clue how to setup LDAP to
handle this but I believe it can be done.
--Shaun
--
It isn't about it being free. Rather its about the freedom it brings.
More information about the samba
mailing list