[Samba] domain logons - prevent multiple logins with the same
nagy.zoltan at cit.hu
Mon Feb 12 10:03:16 GMT 2007
i'm trying to solve this problem, i've came up with a solution, but i don't think that this is the best availibe method for this problem
i read about that samba does provides a 'preexec' call that can prevent a share to be accessed, and i figured out, that with this i can
reject access to a share if the user have already logged in from another maschine.
and if i wrote the currently logged in computer name to a file on a share that can be accessed when the login is unsuccessfull,
i can pop up a dialog on the client from the network logon script at client side when it detects that the user is trying to login to the domain
twice, and write him where he have been logged in before.
so..solution's logical outline:
* compare $home/.login_magic, $profile/.login_magic, if not the same, the client is trying to login twice..
pop-up message box with $home/.successfull_login_machine_name
* this file check's %home%/.successfull_login_machine_name
preexec = prevent_multiple_logon.bash
* if machine is the first login to the domain
write machine name to $home/.successfull_login_machine_name
write a random number to $home/.login_magic, $profile/.login_magic
not protected with preexec
i haven't found a solution to prevent the client from logging in when the profile connection has been rejected,
maybe i've missed the setting on the windows local security policy settings panel
or i've missed a configuration option in my samba config?
any suggestions? :)
best regards, kirk
More information about the samba