[luau] user group defined logon scripts with Samba

Karotu Tannang karotu.kangare at tskl.net.ki
Thu Nov 6 12:37:14 PST 2003 

Hi Ho'ala,

Thanks for that wonderful tip. It certainly worked ok! I was wondering
though if there is a better solution for writing a separate logon script for
each group and then allowing the users - belonging to that group - to
execute their respective group-designed script.

somehow the only solution I had was to alter each particular user's group ID
(gid) in /etc/passwd with the group ID of the newly created groups
distinguishing their departments -  which I have a feeling is a bit dodgy.
Maybe this would be just the same as using %U.bat as you suggested which is
much safer too. But I am just worried everytime the Administrators of this
server have to update their users, they will have to go through these
'dangerous' tasks of adding their users.

anyways, if anyone knows any better solution, I'll be very grateful...

thanks again in advance,

Thank you as well Ho'ala,

regards

- Karotu

----- Original Message -----
From: "Ho'ala Greevy" <hoala at secretbonus.com>
To: <luau at videl.ics.hawaii.edu>
Sent: Wednesday, November 05, 2003 6:19 AM
Subject: Re: [luau] user group defined logon scripts with Samba


> howzit Karotu,
>
>
> have you tried this instead?:
> logon script = %U.bat
>
>
> I don't know how many users you have, but I know that option works.
> AFAIK, using global groups with a Samba PDC is still under development.
> testparm | less
>
> also helps...
>
>
> -ho'ala
>
>
> Karotu Tannang said:
> > Mauri All - (Hi All)
> >
> > I've been trying to get Samba to redirect its users to their respective
> > logon scripts but have had no luck lately.
> >
> > Here is my smb.conf
> >
> > #========================================================
> > [global]
> >    workgroup = MWE
> >    netbios name = Server01
> >    encrypt passwords = yes
> >    security = user
> >    domain master = yes
> >    domain logons = yes
> >    log level = 3
> >    log file = /etc/samba/samba.log
> >    Logon Script = %G\logon.bat  # I have also tried Logon Script =
> >    %G.bat
> > but still no script execution
> >    logon home = \\Server01\%U
> >    logon path = \\Server01\%U
> >    os level = 99
> >    preferred master = True
> >    wins support = no
> >    deadtime = 0
> >     #Automatically add them users/machines
> >    add user script = /usr/sbin/useradd -d /dev/null -g machines -c
> >    'Machine
> > Account' -s /bin/false -M %u
> >
> >
> > [homes]
> >    read only = no
> >    create mask = 0600
> >    writable = yes
> >    directory mask = 0700
> >
> > [netlogon]
> >    guest ok = yes
> >    writable = yes
> >    public = yes
> >    path = /usr/netlogon
> >    create mask = 0600
> >    directory mask = 0777
> >
> > [General]
> >    path = /home/data/General
> >    writable = yes
> >    public = yes
> >
> > [AccountShare]
> >    path = /home/data/Accounts
> >    writeable = yes
> >    public = no
> >    valid users = @Account @LANAdmin
> >
> >
> > [AdminShare]
> >    path = /home/data/Administration
> >    writeable = yes
> >    public = no
> >    valid users = @Admin @LANAdmin
> >
> > [CivilShare]
> >     path = /home/data/Civil
> >    writeable = yes
> >    public = no
> >    valid users = @Civil @LANAdmin
> >
> > [EnergyShare]
> >     path = /home/data/Energy
> >    writeable = yes
> >    public = no
> >    valid users = @Energy @LANAdmin
> >
> > [RegistryShare]
> >     path = /home/data/Registry
> >    writeable = yes
> >    public = no
> >    valid users = @Registry @LANAdmin
> >
> > [TechShare]
> >    path = /home/data/Technical
> >    writeable = yes
> >    public = no
> >    valid users = @Technical @LANAdmin # there is a group called
> >    Technical,
> > not Tech
> >
> > [WaterShare]
> >    path = /home/data/Water
> >    writeable = yes
> >    public = no
> >    valid users = @Water @LANAdmin
> > #==========================================
> >
> > Under /usr/netlogon I created the group directories with read rights
> > for ALL groups.
> >
> > Each directory contains a file called logon.bat with read and execution
> > rights to the groups..
> >
> > contents of logon.bat
> >
> > NET USE G: \\Server01\General
> > NET USE L: \\Server01\WhichevergroupShare
> >
> >
> > Somehow I can't the scripts to be loaded. I now have an idea but I'd
> > like get some feed back as well in order to improve this smb.conf
> > and/or logon.bat
> >
> >
> > With many thanks in advance...
> >
> > Regards,
> >
> >
> > Karotu
> > --
> > Karotu Tannang
> > Support
> > Kangare Software Engineering
> >
> >
> > _______________________________________________
> > LUAU mailing list
> > LUAU at videl.ics.hawaii.edu
> > http://videl.ics.hawaii.edu/mailman/listinfo/luau
>
>
>
> -----------------------------------------
> Spam & Virus Protection provided by Pau Spam: Risk-FREE 30-Day Trial*
> http://pauspam.net
>
>
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau

More information about the LUAU mailing list