Well, you can run smbstatus from the preexec script. You can grep out the name of the user connecting and compare it to the %U or %u variable sent during the login to $IPC. This could get complicated. For example, your script would depend, maybe, on whether you have security = share or security = user.
Here is a possibly useful tool for figuring out what you want. This smb.conf share, with the script Hello, captures all the variables passed when a user logs on. This may help you writing your script. With the results of this script and the output of smbstatus, you could really fine tune what you allow. With care, just cut and paste this into your smb.conf file. Joel [public] comment = Root directory path = / read only = no create mask = 0777 exec = rm /tmp/Hello;echo \"m %m \" \"G %G \" \"I %I \" \"L %L \" \"M %M \" \"N %N \" \"R %R \" \"T %T \" \"U %U \" \"a %a \" \"d %d \" \"h %h \" \"p %p \" \"v %v \" \"H %H \" \"P %P \" \"S %S \" \"g %g \" \"u %u \" | xargs -n1 /usr/local/samba/bin/Hello;\ echo This is my home %$(HOME) >> /tmp/Hello The script Hello is as follows: #!/bin/bash i=`echo "$1" | tr -s " "` index=`echo "$i" | cut -d" " -f1` value=`echo "$i" | sed 's/^. //'` case $index in m ) message="client machine NetBios name = $value";; M ) message="Internet DNS of client= $value";; I ) message="IP address of client = $value";; a ) message="Architecture of remote machine= $value";; U ) message="Session user name (one the client wanted)= $value";; L ) message="Netbios name of server = $value";; h ) message="Internet DNS hostname of server= $value";; R ) message="Protocal level = $value";; v ) message="Samba version= $value";; T ) message="Current time and date= $value";; G ) message="Primary goup name of U = $value";; N ) message="NIS home directory= $value";; d ) message="Process ID of current server= $value";; p ) message="Path of services home directory from NIS= $value";; H ) message="Home directory of user in u= $value";; P ) message="Root directory of current service = $value";; S ) message="Name of current service = $value";; g ) message="Primary group name of u in share = $value";; u ) message="User name of current service = $value";; esac echo $message \(\%$index\) >> /tmp/Hello The output should look like this: client machine NetBios name = hammer10 (%m) Primary goup name of U = ftp (%G) IP address of client = 192.168.1.10 (%I) Netbios name of server = jhammer6 (%L) Internet DNS of client= hammer10.jhammer.org (%M) NIS home directory= jhammer6 (%N) Protocal level = NT1 (%R) Current time and date= 2003/06/26 06:56:28 (%T) Session user name (one the client wanted)= anonymous (%U) Architecture of remote machine= Samba (%a) Process ID of current server= 13089 (%d) Internet DNS hostname of server= jhammer6 (%h) Path of services home directory from NIS= (%p) Samba version= 2.2.1a (%v) Home directory of user in u= /home/ftp (%H) Root directory of current service = / (%P) Name of current service = public (%S) Primary group name of u in share = ftp (%g) User name of current service = ftp (%u) This is my home /home/jlh This is what I get when I log on as user jlh but ask for a guest access, with the guest account being ftp. Note, you have the process ID of the connection. That could be killed with kill -15 %d if you wanted to. Joel > i am the person who wrote to the list about preventing lots of users > logging on. > as themselves more then once. > i can probably figure out how to work preexec but i am very confused about > how to write the script so it checks for a user, and if that user exists in > the smbstatus list, deny the second user from logging on. > usernames are just added to the smbpassword file using the -a switch for > each user, the passwords are of course encrypted. > sorry for writing you privately but i really need this problem solved and i > am not at that location where i subscribed but i am able to check mail. > thanks a lot for trying the preexec command. > i will read about it in docs. > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba