My apologies for repsonding to my own message, but I was hoping that
something that seems this simple would elicit some quick responses.
The short version is: I need a method to log each user logon to a Samba
PDC. Logging from a preexec script in the [netlogon] share works, but
users are logged twice. Is there a correct way to do this so that each
network logon is logged only once?
Original long version follows:
Bill Arlofski wrote:
I'm looking for a simple solution to log a single entry for each login
to a Samba PDC.
My current attempt(s) of using a root prexec script in either the
[netlogon] share definition or the [global] section are working, but not
exactly as expected.
In [netlogon] I have an entry:
root preexec = /path/to/script/makelogonscript.pl %g %u %m %I
...where makelogonscript.pl generates a customized logon script for each
user/group etc. AND, at the top of this script, a simple section has
been added to log to a logonlog.log file the following information:
Date Time Primary_Group IP_Address machinename username
So far so good. The problem I am seeing with this is that every time
someone logs into the domain, it appears that the [netlogon] share is
opened twice because this script writes two entries for each user,
usually about 4 seconds apart, sometimes about 10 seconds apart, but I
have seen as high as 30 seconds or more.
ie:
03-16-2005 12:14:00 group xx.xx.xx.xx machinename username
03-16-2005 12:14:04 group xx.xx.xx.xx machinename username
Speaking in #samba on freenode we agreed that this might be because some
versions of windows temporarily map a Z: drive to the netlogon share and
then work off of that during the logon process.
OK, so next up was putting a simple root preexec logging script in the
[global] section of smb.conf
Similar, but not exact results were found.
Most domain logins were logged twice, some were only logged once. Also,
there are now some entries with nobody as the group and username but
these nobody entries can be easily omitted from reports with
sed/grep/awk/perl/whatever so they are inconsequential. :)
So, I guess my basic question is:
Where in the logon process is the correct place to tell Samba to do
something (ie: run this script) but do it only once?
Thanks for any help!
-
Bill Arlofski
Bill Arlofski
[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba