Re-2: [Samba] limit login

Bjoern Tore Sund bjorn.sund at
Thu Sep 6 07:24:33 GMT 2007

Volker Lendecke wrote:
> On Wed, Sep 05, 2007 at 12:14:25PM +0000, damiend at wrote:
>> yes please this would fix problems with have with user
>> loggin on at one end of the site then at the other later.
> Just to make sure:
> You are aware that once someone has logged in an
> administrator has to reset that account. This is *NOT*
> automatic if the user logs out from his first
> workstation. That functionality is impossible to achieve for
> us, Windows does not tell us when the user logs out.

Maybe I'm being naïve, or maybe it's just that I don't need this 
functionality for anything, but I'd solve it by running regularly (every 
hour, every ten minutes, whatever you determine appropriate) something 
like this script:

smbstatus -b | awk '{print "nobody = " $2}' > /etc/samba/smb.usermap

Then set username map = /etc/samba/smb.usermap in smb.conf.  This should 
cause any user who have a share mapped not to be able to authenticate 
because their password is tested with the user nobody - until they are 
logged out AND the script is run again.

Untested, and in need of refining, loose the top lines from smbstatus -b 
for instance, but a start?

Bjørn Tore Sund       Phone: 555-84894   Email:   bjorn.sund at
IT department         VIP:   81724       Support:
Univ. of Bergen

When in fear and when in doubt, run in circles, scream and shout.

More information about the samba mailing list