Re-2: [Samba] limit login
Bjoern Tore Sund
bjorn.sund at it.uib.no
Thu Sep 6 07:24:33 GMT 2007
Volker Lendecke wrote:
> On Wed, Sep 05, 2007 at 12:14:25PM +0000, damiend at mckennagroup.co.uk wrote:
>
>> yes please this would fix problems with have with user
>> loggin on at one end of the site then at the other later.
>
> Just to make sure:
>
> You are aware that once someone has logged in an
> administrator has to reset that account. This is *NOT*
> automatic if the user logs out from his first
> workstation. That functionality is impossible to achieve for
> us, Windows does not tell us when the user logs out.
Maybe I'm being naïve, or maybe it's just that I don't need this
functionality for anything, but I'd solve it by running regularly (every
hour, every ten minutes, whatever you determine appropriate) something
like this script:
#!/bin/bash
smbstatus -b | awk '{print "nobody = " $2}' > /etc/samba/smb.usermap
Then set username map = /etc/samba/smb.usermap in smb.conf. This should
cause any user who have a share mapped not to be able to authenticate
because their password is tested with the user nobody - until they are
logged out AND the script is run again.
Untested, and in need of refining, loose the top lines from smbstatus -b
for instance, but a start?
-BT
--
Bjørn Tore Sund Phone: 555-84894 Email: bjorn.sund at it.uib.no
IT department VIP: 81724 Support: http://bs.uib.no
Univ. of Bergen
When in fear and when in doubt, run in circles, scream and shout.
More information about the samba
mailing list