Re-2: [Samba] limit login

Adam Tauno Williams adamtaunowilliams at
Thu Sep 6 11:43:53 GMT 2007

> > You are aware that once someone has logged in an
> > administrator has to reset that account. This is *NOT*
> > automatic if the user logs out from his first
> > workstation. That functionality is impossible to achieve for
> > us, Windows does not tell us when the user logs out.
> Maybe I'm being naïve, or maybe it's just that I don't need this 
> functionality for anything, but I'd solve it by running regularly (every 
> hour, every ten minutes, whatever you determine appropriate) something 
> like this script:
> #!/bin/bash
> smbstatus -b | awk '{print "nobody = " $2}' > /etc/samba/smb.usermap

No, this does not work.

> Then set username map = /etc/samba/smb.usermap in smb.conf.  This should 
> cause any user who have a share mapped not to be able to authenticate 
> because their password is tested with the user nobody - until they are 
> logged out AND the script is run again.
> Untested, and in need of refining, loose the top lines from smbstatus -b 
> for instance, but a start?

The output of smbstatus is not terribly useful for this kind of purpose.
You may see users listed after they have disconnected and you have to
deal with that connections may drop and be recreated (deadtime, etc...)
- none of which is tightly coupled with a logon/logoff event.  smbstatus
doesn't provide sufficient information to solve the
sign-on-to-single-workstation problem.

More information about the samba mailing list