The behavior of the 'add user script' smb.conf option is rather weird: It is documented as an option to the login parts of the protocol, and used to add users dynamically during the logon process, if they don't exist locally.
However, it is also used in the SAMR code when an admin explicitly creates a user. This is actually the more natural use for the parameter, but it is unnaturally shared between the two areas. This 'dual use' causes problems - unexpected users being created etc.

However, this is nothing compared to its evil twin: 'delete user script' runs when a user attempts to log in, but the PDC says that they don't exist. Firstly: does this really happen? If a user has to attempt to log in to trigger it, what exactly is the point...

This also has rather nasty consequences, when the user does not exist on the PDC (normal local user etc), the script can fire. If the admin is not careful this can be quite nasty. While this is documented, it is still nasty.

What's more, all the PDC documentation refers to these options for their SAMR use, so as to create machine accounts on demand...

Now both of these options are *too* easy to misconfigure, and they really don't fit well into the HEAD authentication setup anyway. Could these be killed in the auth context? This would leave them as SAMR commands, for when users are really added to the system.

If we still need the capability to add users to the system on a dynamic basis (this is really the job of winbind, but I digress) could we at least use a different option? Like 'dynamic login user add script'? Or keep these but rename the SAMR meanings?

What do you think?

Andrew Bartlett

--
Andrew Bartlett
Manager, Authentication Subsystems, Samba Team
Student Network Administrator, Hawker College
http://samba.org http://build.samba.org http://hawkerc.net
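
The misconfiguration risk raised in the message above can be checked for on existing hosts. The following is an added example, not part of the original message and not Samba code: a small Python audit that reports every place an smb.conf sets 'add user script' or 'delete user script', following smb.conf's rules that parameter names ignore case and whitespace and that a trailing backslash continues a line. The function names and the sample configuration are constructed for illustration.

```python
import re

# The two options discussed in the message, normalised (smb.conf ignores
# case and whitespace in parameter names).
RISKY = {"adduserscript": "add user script",
         "deleteuserscript": "delete user script"}

def _norm(name):
    return re.sub(r"\s+", "", name).lower()

def parse_smb_conf(text):
    """Yield (section, normalised_param, value, line_no) from smb.conf text."""
    section, pending, start = None, "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not pending:
            if not line or line[0] in "#;":   # blank line or comment
                continue
            start = no
        if line.endswith("\\"):               # backslash continues the line
            pending += line[:-1]
            continue
        line, pending = pending + line, ""
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif "=" in line:
            name, value = line.split("=", 1)
            yield section, _norm(name), value.strip(), start

def audit(text):
    """Return findings for the risky options that have a non-empty value."""
    findings = []
    for section, param, value, no in parse_smb_conf(text):
        if param in RISKY and value:
            findings.append({"line": no, "section": section,
                             "option": RISKY[param], "command": value})
    return findings

# Constructed sample configuration (not taken from any real host).
SAMPLE = """\
[global]
   security = domain
   ; delete user script = /usr/sbin/userdel %u
   Add User Script = /usr/sbin/useradd -d /dev/null \\
       -s /bin/false %u
   DELETEUSERSCRIPT = /usr/sbin/userdel -r %u
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print("line {line} [{section}] {option} = {command}".format(**f))
```

A plain text search for the literal option names would miss the `DELETEUSERSCRIPT` spelling and would report the commented-out line, which is why the audit normalises names and skips comments first.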