Re: [Samba] Logon scripts, home directories, and Samba4 AD
This could do the job Identify the home share on your samba3 fileserver (certain it is member of your samba4 domain?!) as dfs root Ex: msdfs root= yes On samba4 ads [home] msdfs proxy= \your-samba3-server\homes read only = No with rsat point to \your-samba3-server\homes Good luck --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Lee Allen Gesendet: Mittwoch, 3. Juli 2013 00:20 An: samba@lists.samba.org; samba-techni...@lists.samba.org Betreff: [Samba] Logon scripts, home directories, and Samba4 AD I apologize if this appears twice: I posted it several hours ago and it has not appeared on the list, so I am tweaking the email address and trying again. I have two separate (virtual) servers: one running Samba4 functioning as an AD controller, and one running Samba 3.6.1 functioning as a file print server. On the Samba3 side I am using security=ads and winbind and authenticating against the Samba4 ADC. Everything is working great. Where things get a little messy is with the [homes] shares. Here is what I am doing now: My Samba3 smb.conf has a typical [homes] section. I create a subdirectory for each user, and set ownership permissions. I create a logon script on the Samba4 system -- one for each user, because the username is embedded in it: net use H: \\samba3\username And then I use RSAT to set the logon script to the correct value for each user. It's just a lot of steps that need to be performed (perfectly) for each user. Is there a better way? I see RSAT allows me to specify a Home folder. Could this be a folder on the Samba3 server -- ie, \\samba3\username ? (I tried that and it did not work) I can imagine some scripts that would create the logon script on the Samba4 system, and create the necessary directories on the Samba3 system. I could probably manage that, but I hate to re-invent the wheel -- If there is a clean, orthodox way to do this, I would like to know what it is. Thank you. Lee Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon scripts, home directories, and Samba4 AD
Hi, This could do the job Identify the home share on your samba3 fileserver (certain it is member of your samba4 domain?!) as dfs root Ex: msdfs root= yes On samba4 ads [home] msdfs proxy= \your-samba3-server\homes read only = No with rsat point to \your-samba3-server\homes Good luck --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- Even easier specify \\your-samba3-server\%USERNAME% as the home folder setting under ADUC for all the users you want (you can even select them set this once) if you also specify home drive H: it will get mounted at that drive letter -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Lee Allen Gesendet: Mittwoch, 3. Juli 2013 00:20 An: samba@lists.samba.org; samba-techni...@lists.samba.org Betreff: [Samba] Logon scripts, home directories, and Samba4 AD I apologize if this appears twice: I posted it several hours ago and it has not appeared on the list, so I am tweaking the email address and trying again. I have two separate (virtual) servers: one running Samba4 functioning as an AD controller, and one running Samba 3.6.1 functioning as a file print server. On the Samba3 side I am using security=ads and winbind and authenticating against the Samba4 ADC. Everything is working great. Where things get a little messy is with the [homes] shares. Here is what I am doing now: My Samba3 smb.conf has a typical [homes] section. I create a subdirectory for each user, and set ownership permissions. I create a logon script on the Samba4 system -- one for each user, because the username is embedded in it: net use H: \\samba3\username And then I use RSAT to set the logon script to the correct value for each user. It's just a lot of steps that need to be performed (perfectly) for each user. Is there a better way? I see RSAT allows me to specify a Home folder. Could this be a folder on the Samba3 server -- ie, \\samba3\username ? (I tried that and it did not work) I can imagine some scripts that would create the logon script on the Samba4 system, and create the necessary directories on the Samba3 system. I could probably manage that, but I hate to re-invent the wheel -- If there is a clean, orthodox way to do this, I would like to know what it is. Thank you. Lee Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon scripts, home directories, and Samba4 AD
Thank you, that works great, and it eliminates the need to create logon scripts for each user. That's a big improvement. ADUC complains it cannot create the folder. Not surprising, because the specified folder \\samba3\username does not really exist -- it's a [homes] share, the true pathname is \\samba3\nas\homes\username. So I still need to create the directory in the samba3 system, and set permissions appropriately. Is there a way around this? The only solution I can see is to write a script that will create the necessary directories when a user is created. But that wouldn't be simple, because it's on a different server -- the user is created on the samba4 ADC and the shares are on the samba3 fileserver. On Wed, Jul 3, 2013 at 3:22 AM, Gémes Géza g...@kzsdabas.hu wrote: Hi, This could do the job Identify the home share on your samba3 fileserver (certain it is member of your samba4 domain?!) as dfs root Ex: msdfs root= yes On samba4 ads [home] msdfs proxy= \your-samba3-server\homes read only = No with rsat point to \your-samba3-server\homes Good luck --**- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --**- Even easier specify \\your-samba3-server\%**USERNAME% as the home folder setting under ADUC for all the users you want (you can even select them set this once) if you also specify home drive H: it will get mounted at that drive letter -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-bounces@lists.** samba.org samba-boun...@lists.samba.org] Im Auftrag von Lee Allen Gesendet: Mittwoch, 3. Juli 2013 00:20 An: samba@lists.samba.org; samba-technical@lists.samba.**orgsamba-techni...@lists.samba.org Betreff: [Samba] Logon scripts, home directories, and Samba4 AD I apologize if this appears twice: I posted it several hours ago and it has not appeared on the list, so I am tweaking the email address and trying again. I have two separate (virtual) servers: one running Samba4 functioning as an AD controller, and one running Samba 3.6.1 functioning as a file print server. On the Samba3 side I am using security=ads and winbind and authenticating against the Samba4 ADC. Everything is working great. Where things get a little messy is with the [homes] shares. Here is what I am doing now: My Samba3 smb.conf has a typical [homes] section. I create a subdirectory for each user, and set ownership permissions. I create a logon script on the Samba4 system -- one for each user, because the username is embedded in it: net use H: \\samba3\username And then I use RSAT to set the logon script to the correct value for each user. It's just a lot of steps that need to be performed (perfectly) for each user. Is there a better way? I see RSAT allows me to specify a Home folder. Could this be a folder on the Samba3 server -- ie, \\samba3\username ? (I tried that and it did not work) I can imagine some scripts that would create the logon script on the Samba4 system, and create the necessary directories on the Samba3 system. I could probably manage that, but I hate to re-invent the wheel -- If there is a clean, orthodox way to do this, I would like to know what it is. Thank you. Lee Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options/sambahttps://lists.samba.org/mailman/options/samba Regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options/sambahttps://lists.samba.org/mailman/options/samba -- *Lee Allen* email: l...@leecallen.com bus: (716) 773-2729 home: (716) 773-2326 cell: (716) 880-0854 fax: (716) 408-8844 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon scripts, home directories, and Samba4 AD
So you authenticate against the samba4 ads with your samba3 is this true? Then you can do a root preexec and run a script on your samba3 server every time the users connect to [homes]. Ex: [homes] root preexec = /path-to-script/./user-home-dir %U Your script user-home-dir (where $1 is the login of the user): #!/bin/bash #if exist directory if test -d /path-to/your-users-home-dirs/$1 then #put Directory is already there in a log file echo $1 Directory already up and running /system/log/eanm.log else mkdir /path-to/your-users-home-dirs/$1 chmod -R 700 /path-to/your-users-home-dirs/$1 chown -R $1:Domain Users / path-to/your-users-home-dirs/$1 echo /path-to/your-users-home-dirs/$1 created /system/log/anm.log fi Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Lee Allen Gesendet: Mittwoch, 3. Juli 2013 14:56 An: Gémes Géza Cc: samba@lists.samba.org Betreff: Re: [Samba] Logon scripts, home directories, and Samba4 AD Thank you, that works great, and it eliminates the need to create logon scripts for each user. That's a big improvement. ADUC complains it cannot create the folder. Not surprising, because the specified folder \\samba3\username does not really exist -- it's a [homes] share, the true pathname is \\samba3\nas\homes\username. So I still need to create the directory in the samba3 system, and set permissions appropriately. Is there a way around this? The only solution I can see is to write a script that will create the necessary directories when a user is created. But that wouldn't be simple, because it's on a different server -- the user is created on the samba4 ADC and the shares are on the samba3 fileserver. On Wed, Jul 3, 2013 at 3:22 AM, Gémes Géza g...@kzsdabas.hu wrote: Hi, This could do the job Identify the home share on your samba3 fileserver (certain it is member of your samba4 domain?!) as dfs root Ex: msdfs root= yes On samba4 ads [home] msdfs proxy= \your-samba3-server\homes read only = No with rsat point to \your-samba3-server\homes Good luck --**- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --**- Even easier specify \\your-samba3-server\%**USERNAME% as the home folder setting under ADUC for all the users you want (you can even select them set this once) if you also specify home drive H: it will get mounted at that drive letter -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-bounces@lists.** samba.org samba-boun...@lists.samba.org] Im Auftrag von Lee Allen Gesendet: Mittwoch, 3. Juli 2013 00:20 An: samba@lists.samba.org; samba-technical@lists.samba.**orgsamba-techni...@lists.samba.org Betreff: [Samba] Logon scripts, home directories, and Samba4 AD I apologize if this appears twice: I posted it several hours ago and it has not appeared on the list, so I am tweaking the email address and trying again. I have two separate (virtual) servers: one running Samba4 functioning as an AD controller, and one running Samba 3.6.1 functioning as a file print server. On the Samba3 side I am using security=ads and winbind and authenticating against the Samba4 ADC. Everything is working great. Where things get a little messy is with the [homes] shares. Here is what I am doing now: My Samba3 smb.conf has a typical [homes] section. I create a subdirectory for each user, and set ownership permissions. I create a logon script on the Samba4 system -- one for each user, because the username is embedded in it: net use H: \\samba3\username And then I use RSAT to set the logon script to the correct value for each user. It's just a lot of steps that need to be performed (perfectly) for each user. Is there a better way? I see RSAT allows me to specify a Home folder. Could this be a folder on the Samba3 server -- ie, \\samba3\username ? (I tried that and it did not work) I can imagine some scripts that would create the logon script on the Samba4 system, and create the necessary directories on the Samba3 system. I could probably manage that, but I hate to re-invent the wheel -- If there is a clean, orthodox way to do this, I would like to know what it is. Thank you. Lee Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options
Re: [Samba] Logon scripts, home directories, and Samba4 AD
Daniel that's perfect - - the 'root preexec' is exactly what I need. Thank you. On Jul 3, 2013 9:33 AM, Daniel Müller muel...@tropenklinik.de wrote: So you authenticate against the samba4 ads with your samba3 is this true? Then you can do a root preexec and run a script on your samba3 server every time the users connect to [homes]. Ex: [homes] root preexec = /path-to-script/./user-home-dir %U Your script user-home-dir (where $1 is the login of the user): #!/bin/bash #if exist directory if test -d /path-to/your-users-home-dirs/$1 then #put Directory is already there in a log file echo $1 Directory already up and running /system/log/eanm.log else mkdir /path-to/your-users-home-dirs/$1 chmod -R 700 /path-to/your-users-home-dirs/$1 chown -R $1:Domain Users / path-to/your-users-home-dirs/$1 echo /path-to/your-users-home-dirs/$1 created /system/log/anm.log fi Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Lee Allen Gesendet: Mittwoch, 3. Juli 2013 14:56 An: Gémes Géza Cc: samba@lists.samba.org Betreff: Re: [Samba] Logon scripts, home directories, and Samba4 AD Thank you, that works great, and it eliminates the need to create logon scripts for each user. That's a big improvement. ADUC complains it cannot create the folder. Not surprising, because the specified folder \\samba3\username does not really exist -- it's a [homes] share, the true pathname is \\samba3\nas\homes\username. So I still need to create the directory in the samba3 system, and set permissions appropriately. Is there a way around this? The only solution I can see is to write a script that will create the necessary directories when a user is created. But that wouldn't be simple, because it's on a different server -- the user is created on the samba4 ADC and the shares are on the samba3 fileserver. On Wed, Jul 3, 2013 at 3:22 AM, Gémes Géza g...@kzsdabas.hu wrote: Hi, This could do the job Identify the home share on your samba3 fileserver (certain it is member of your samba4 domain?!) as dfs root Ex: msdfs root= yes On samba4 ads [home] msdfs proxy= \your-samba3-server\homes read only = No with rsat point to \your-samba3-server\homes Good luck --**- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --**- Even easier specify \\your-samba3-server\%**USERNAME% as the home folder setting under ADUC for all the users you want (you can even select them set this once) if you also specify home drive H: it will get mounted at that drive letter -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-bounces@lists.** samba.org samba-boun...@lists.samba.org] Im Auftrag von Lee Allen Gesendet: Mittwoch, 3. Juli 2013 00:20 An: samba@lists.samba.org; samba-technical@lists.samba.**orgsamba-techni...@lists.samba.org Betreff: [Samba] Logon scripts, home directories, and Samba4 AD I apologize if this appears twice: I posted it several hours ago and it has not appeared on the list, so I am tweaking the email address and trying again. I have two separate (virtual) servers: one running Samba4 functioning as an AD controller, and one running Samba 3.6.1 functioning as a file print server. On the Samba3 side I am using security=ads and winbind and authenticating against the Samba4 ADC. Everything is working great. Where things get a little messy is with the [homes] shares. Here is what I am doing now: My Samba3 smb.conf has a typical [homes] section. I create a subdirectory for each user, and set ownership permissions. I create a logon script on the Samba4 system -- one for each user, because the username is embedded in it: net use H: \\samba3\username And then I use RSAT to set the logon script to the correct value for each user. It's just a lot of steps that need to be performed (perfectly) for each user. Is there a better way? I see RSAT allows me to specify a Home folder. Could this be a folder on the Samba3 server -- ie, \\samba3\username ? (I tried that and it did not work) I can imagine some scripts that would create the logon script on the Samba4 system, and create the necessary directories on the Samba3 system. I could probably manage that, but I hate
[Samba] Logon scripts, home directories, and Samba4 AD
I have two separate (virtual) servers: one running Samba4 functioning as an AD controller, and one running Samba 3.6.1 functioning as a file print server. I am using security=ads and winbind. Everything is working great. Where things get a little messy is with the [homes] shares. Here is what I am doing now: My Samba3 smb.conf has a typical [homes] section. I create a subdirectory for each user, and set ownership permissions. I create a logon script on the Samba4 system -- one for each user, because the username is embedded in it: net use H: \\samba3\username And then I use RSAT to set the logon script to the correct value for each user. It's just a lot of steps that need to be performed (perfectly) for each user. Is there a better way? I see RSAT allows me to specify a Home folder. Could this be a folder on the Samba3 server -- ie, \\samba3\username ? (I tried that and it did not work) I can imagine some scripts that would create the logon script on the Samba4 system, and create the necessary directories on the Samba3 system. I could probably manage that, but I hate to re-invent the wheel -- If there is a clean, orthodox way to do this, I would like to know what it is. Thank you. -- *Lee Allen* email: l...@leecallen.com bus: (716) 773-2729 home: (716) 773-2326 cell: (716) 880-0854 fax: (716) 408-8844 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Logon scripts, home directories, and Samba4 AD
I apologize if this appears twice: I posted it several hours ago and it has not appeared on the list, so I am tweaking the email address and trying again. I have two separate (virtual) servers: one running Samba4 functioning as an AD controller, and one running Samba 3.6.1 functioning as a file print server. On the Samba3 side I am using security=ads and winbind and authenticating against the Samba4 ADC. Everything is working great. Where things get a little messy is with the [homes] shares. Here is what I am doing now: My Samba3 smb.conf has a typical [homes] section. I create a subdirectory for each user, and set ownership permissions. I create a logon script on the Samba4 system -- one for each user, because the username is embedded in it: net use H: \\samba3\username And then I use RSAT to set the logon script to the correct value for each user. It's just a lot of steps that need to be performed (perfectly) for each user. Is there a better way? I see RSAT allows me to specify a Home folder. Could this be a folder on the Samba3 server -- ie, \\samba3\username ? (I tried that and it did not work) I can imagine some scripts that would create the logon script on the Samba4 system, and create the necessary directories on the Samba3 system. I could probably manage that, but I hate to re-invent the wheel -- If there is a clean, orthodox way to do this, I would like to know what it is. Thank you. Lee Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon scripts
The welcome screen? The welcome screen is first logoff and then login again. All work of the user will be lost!? The locked screen is an item of security and it protects the authenticated users desktop. And as long the user is authenticated no other users has the right to drop in. Every other rule would be chaos. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Terry Austin Gesendet: Freitag, 8. März 2013 23:38 An: samba@lists.samba.org Betreff: Re: [Samba] Logon scripts OK, once I found the Group Policy editor, I got what I needed (which was to enforce a screen saver with a password). Thanks. Anybody know how to (ir if you can) get XP Pro to go to the welcome screen instead of the locked screen when it comes out of the screen saver? Unlocking can only be done by whoever was logged in at the time, or an admin, and the admin options forcibly logs out the other user. (The correct solution, of course, is upgrading to Win7, but that's a time consuming and expensive process, and we're not there yet.) On 8 Mar 2013 at 14:15, Ricky Nance wrote: Hello Terry, You will need to define a logon script for each user in the Active Directory Users and Computers (ADUC) tool or you can do this through user GPO's (there is a logon script option under the user module). In ADUC, select a user (or highlight several users) then under the profiles tab add the filename (logon.bat for me, your's may be different) and ensure that the logon.bat exists in the netlogon share. For the GPO option you can open Group Policy MMC and select your users OU, then create new policy, name it something useful (map homes share, or run logon script for instance), edit it, and under User Configuration, click Windows Settings, scripts (logon/logoff), then double click the logon option, and add your file to the GPO under the show files button, then click Add, and select the file you just added (or created) there. Ricky On Fri, Mar 8, 2013 at 2:02 PM, Terry Austin te...@crownhardware.comwrote: Is there a detailed howto on setting up logon scripts on Samba 4? Or is it the same as for 3? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Logon scripts
Is there a detailed howto on setting up logon scripts on Samba 4? Or is it the same as for 3? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon scripts
Hello Terry, You will need to define a logon script for each user in the Active Directory Users and Computers (ADUC) tool or you can do this through user GPO's (there is a logon script option under the user module). In ADUC, select a user (or highlight several users) then under the profiles tab add the filename (logon.bat for me, your's may be different) and ensure that the logon.bat exists in the netlogon share. For the GPO option you can open Group Policy MMC and select your users OU, then create new policy, name it something useful (map homes share, or run logon script for instance), edit it, and under User Configuration, click Windows Settings, scripts (logon/logoff), then double click the logon option, and add your file to the GPO under the show files button, then click Add, and select the file you just added (or created) there. Ricky On Fri, Mar 8, 2013 at 2:02 PM, Terry Austin te...@crownhardware.comwrote: Is there a detailed howto on setting up logon scripts on Samba 4? Or is it the same as for 3? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon scripts
OK, once I found the Group Policy editor, I got what I needed (which was to enforce a screen saver with a password). Thanks. Anybody know how to (ir if you can) get XP Pro to go to the welcome screen instead of the locked screen when it comes out of the screen saver? Unlocking can only be done by whoever was logged in at the time, or an admin, and the admin options forcibly logs out the other user. (The correct solution, of course, is upgrading to Win7, but that's a time consuming and expensive process, and we're not there yet.) On 8 Mar 2013 at 14:15, Ricky Nance wrote: Hello Terry, You will need to define a logon script for each user in the Active Directory Users and Computers (ADUC) tool or you can do this through user GPO's (there is a logon script option under the user module). In ADUC, select a user (or highlight several users) then under the profiles tab add the filename (logon.bat for me, your's may be different) and ensure that the logon.bat exists in the netlogon share. For the GPO option you can open Group Policy MMC and select your users OU, then create new policy, name it something useful (map homes share, or run logon script for instance), edit it, and under User Configuration, click Windows Settings, scripts (logon/logoff), then double click the logon option, and add your file to the GPO under the show files button, then click Add, and select the file you just added (or created) there. Ricky On Fri, Mar 8, 2013 at 2:02 PM, Terry Austin te...@crownhardware.comwrote: Is there a detailed howto on setting up logon scripts on Samba 4? Or is it the same as for 3? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] logon scripts and variable substitution on the windows side
i am really wondering a logon script stated in the config file with for example logon script = %L.bat can't contain inside variable substitutions from samba for example a script that it will have inside and it will be uploaded in the client to contain net use z: \\%L\%u to be translated to net use z: \\SERVER\username how it can it be done that? thank you Sarantopoulos Nikos -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] logon scripts and variable substitution on the windows side
Hallo, nikos, Du meintest am 17.12.11: i am really wondering a logon script stated in the config file with for example logon script = %L.bat can't contain inside variable substitutions from samba for example a script that it will have inside and it will be uploaded in the client to contain net use z: \\%L\%u to be translated to net use z: \\SERVER\username If I have understood the system(s): %L is a linux variable on the server, net use is (mostly) a command which is run from/on a client (windows or Linux) which knows nothing about the servers'/samba's variables. For those purposes I run on the server (in the home share) a command root preexec = /etc/samba/exec/parameter %u %a %g %m which runs the linux/bash script parameter, and parameter writes a (windows) batch file into the user's home directory which contains lines like @echo off if a%Server% == a set Server=192.168.0.1 set opsys=WinXP set group=lehrer set machine=___192.168.0.42 Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon scripts not executed when NT4 trusted domain users log in a S3-controlled domain
Quoting Christian PERRIER (bubu...@debian.org): - I get a notice that the domain paassword is expired. I can either change it or ignore the warning, but: This was bug #7066. Fixed in 3.5.8. - the DomB user logon script is not executed This seems to be bug #6356 though my client is a Windows XP machine (not Win7). This is really a showstopper for me. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Logon scripts not executed when NT4 trusted domain users log in a S3-controlled domain
I'm currently building a Samba3-based domain (DomA) that has a trust relationship with an existing production NT4 domain (DomB). DomA uses an LDAP backend. The LDAP server is local on the PDC and is dedicated to such use. DomA runs Samba 3.5.6 on Debian 6.0. DomB is an old-timer: NT4 domain that's running for ages. The trust relationship has been established: DomA trusts DomB. Clients (Windows XP workstations) can join DomA flawlessly. Machine accounts are properly created in the LDAP backend. A DomB user can open a session on client workstations...however: - I get a notice that the domain paassword is expired. I can either change it or ignore the warning, but: - the DomB user logon script is not executed - the DomB user home directory is not connected (users in DomB have their home set to \\someserver\login) Of course, everything is working as expected when DomB users open a session on a DomB client: no password expiration warning, logon script executed. I actually see no sign of abnormal behaviour in samba logs on the PDC. Indeed, once the user is authenticated, nothing shows up in the logs. Would you people have suggestions about places where I could investigate such problem? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Logon scripts in Windows 2000
I am certain this is a stupid question, but I have been reading books and searching Google for the answer and have come up blank. Are domain logins required for login scripts to work or will they work in workgroup mode as well? Thanks in advance and I have my asbestos underwear in case the question is really stupid -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon scripts in Windows 2000
On Saturday 03 January 2009 21:18:09 Bruce Ferrell wrote: I am certain this is a stupid question, but I have been reading books and searching Google for the answer and have come up blank. Please tell us which books you have been reading. They should all be burnt! ;-) Are domain logins required for login scripts to work or will they work in workgroup mode as well? Domain logons are required for logon scripts to be available, but the windows client also must be joined to the domain. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon scripts in Windows 2000
Bruce Ferrell wrote: Are domain logins required for login scripts to work or will they work in workgroup mode as well? Yes. Workgroup is what you could call a peer to peer mode. Nothing controls anything, and nothing really trusts anything. TB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon scripts in Windows 2000
Hallo, Bruce, Du (bferrell) meintest am 03.01.09: Are domain logins required for login scripts to work or will they work in workgroup mode as well? You can put a local script into the user's autostart directory which calls the logon script of the server. That's the way I connect Windows XP Home clients to the server. - local logon script -- @echo off set Server=192.168.0.1 rem or which IP address it may be ping -n 1 -w 1 %Server% | find /I (0% if errorlevel 1 goto tunix \\%Server%\netlogon\logon rem or where the logon script may live :tunix exit Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Logon scripts not working on all users
I have set up a logon script to run when users login. It works for me when I log in, but my user ID is mapped to a root group as well as administrative privileges. But it is not executing for regular users. What am I doing wrong? Thanks in advance, Boaz logon script = stdlogon.bat logon home = logon path = security = user preferred master = yes domain logons = yes time server = yes guest ok = no domain master = yes writable = no path = /data/printspool [netlogon] ; comment = Network Logon Service path = /var/lib/samba/netlogon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Logon scripts
Hi list! Need your advice! Im looking for a way to do this: I have one SAMBA+LDAP+DNS+DHCP (DC) server running fine in a debian box, my problem now is that a need to have 2 different logon scripts, one is a specific user only, let's say user1 when this user login in winxp client machine the server send to it a script loginA.cmd, and when all user of group Domain Users logs in the server users a loginB.cmd Later a can use this for admin specific scripts or for Domain Admins group, but for now those 2 thing are more important. Thankyou all in advance Edson -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon scripts
Edson Capitani wrote: Hi list! Need your advice! Im looking for a way to do this: I have one SAMBA+LDAP+DNS+DHCP (DC) server running fine in a debian box, my problem now is that a need to have 2 different logon scripts, one is a specific user only, let's say user1 when this user login in winxp client machine the server send to it a script loginA.cmd, and when all user of group Domain Users logs in the server users a loginB.cmd Later a can use this for admin specific scripts or for Domain Admins group, but for now those 2 thing are more important. Thankyou all in advance Hi Edson, if I get you right you are talking about a logon script on the CLIENT-side (Windows XP)? We use KIXTART (http://www.kixtart.org) that gives you all necessary flexibility (we do e.g. also connect printers for users according to their group membership, machine they log on, etc.). Best Joachim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Logon scripts
I have one SAMBA+LDAP+DNS+DHCP (DC) server running fine in a debian box, my problem now is that a need to have 2 different logon scripts, one is a specific user only, let's say user1 when this user login in winxp client machine the server send to it a script loginA.cmd, and when all user of group Domain Users logs in the server users a loginB.cmd Later a can use this for admin specific scripts or for Domain Admins group, but for now those 2 thing are more important. Here we generate the login script on the fly on the server using the root preexec parameter whenever someone connects to the netlogon share. A perl script runs on the server that pulls data from LDAP and checks against all their group memberships and writes an appropriate windows batch file for them to run. Not that this is right for everyone, but it's what we do. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon scripts
On Mon, Aug 29, 2005 at 12:10:40PM -0500, Paul Gienger wrote: Here we generate the login script on the fly on the server using the root preexec parameter whenever someone connects to the netlogon share. A perl script runs on the server that pulls data from LDAP and checks against all their group memberships and writes an appropriate windows batch file for them to run. Not that this is right for everyone, but it's what we do. Cool Concept! Thanks for sharing the idea with us. Cheers Geert Stappers signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] logon scripts no longer run with p-node netbios type 2
For several days (at least 4) after using DHCP to switch the NetBIOS node type from h-node (8) to p-node (2) the systems have worked fine (the lease time is only three hours so everyone was affected reasonably early). This morning, however, the logon scripts would not run until I changed the node-type back to h-node. I have found some information regarding timing issues with VPN's but this is plain old local logins (server has gigbit nics, going through a gigbit switch, clients have 100baseT). There was one change but I can't really test that until tonight: Samba was rebuilt with the hide-special-files patch - https://bugzilla.samba.org/show_bug.cgi?id=2514 , which doesn't seem like it should cause a problem. Any other ideas? Thanks. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon scripts no longer run with p-node netbios type 2
On Monday 15 August 2005 04:40 pm, Chris wrote: There was one change but I can't really test that until tonight: Samba was rebuilt with the hide-special-files patch - https://bugzilla.samba.org/show_bug.cgi?id=2514 , which doesn't seem like it should cause a problem. Rebuilt the previous version of 14a without the above patch. No change (the problem isn't caused by hide-special-files patch). I'm guessing that the netbios name cache gets depleted after a time when using p-node and that exists a timing issue where the WINS server cannot respond on a timely basis. Can anyone verify? What materials can I provide in order to get a fix? Should this be filed with bugzilla? Thank you. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon scripts no longer run with p-node netbios type 2
The Samba log for the system: using h-node starting at logon time: [2005/08/15 23:31:03, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service netlogon initially as user smythe (uid=637, gid=100) (pid 12088) [2005/08/15 23:31:03, 1] smbd/service.c:close_cnum(830) h2s04 (192.168.1.12) closed connection to service netlogon [2005/08/15 23:31:03, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service smythe initially as user smythe (uid=637, gid=100) (pid 12088) [2005/08/15 23:31:03, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service netlogon initially as user smythe (uid=637, gid=100) (pid 12088) [2005/08/15 23:31:04, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service smythe initially as user smythe (uid=637, gid=100) (pid 12088) [2005/08/15 23:31:06, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service cdImages initially as user smythe (uid=637, gid=446) (pid 12088) [2005/08/15 23:31:06, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service kwlibrary initially as user smythe (uid=637, gid=100) (pid 12088) [2005/08/15 23:31:06, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service projects initially as user smythe (uid=637, gid=446) (pid 12088) [2005/08/15 23:31:06, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service ad2 initially as user smythe (uid=637, gid=444) (pid 12088) [2005/08/15 23:31:06, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service print$ initially as user smythe (uid=637, gid=100) (pid 12089) [2005/08/15 23:31:06, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service kwlibrary initially as user smythe (uid=637, gid=100) (pid 12088) [2005/08/15 23:31:07, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service projects initially as user smythe (uid=637, gid=446) (pid 12088) [2005/08/15 23:31:07, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service ad2 initially as user smythe (uid=637, gid=444) (pid 12088) [2005/08/15 23:31:07, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service print$ initially as user smythe (uid=637, gid=100) (pid 12088) [2005/08/15 23:31:08, 1] smbd/ipc.c:api_fd_reply(290) api_fd_reply: INVALID PIPE HANDLE: 709a I don't know what the INVALID PIPE HANDLE is all about but notice the immediate connection to the netlogon service. using p-node starting at logon time: [2005/08/15 23:33:49, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service smythe initially as user smythe (uid=637, gid=100) (pid 12625) [2005/08/15 23:33:50, 1] smbd/service.c:make_connection_snum(642) h2s04 (192.168.1.12) connect to service smythe initially as user smythe (uid=637, gid=100) (pid 12625) [2005/08/15 23:33:50, 1] smbd/service.c:close_cnum(830) h2s04 (192.168.1.12) closed connection to service smythe [2005/08/15 23:33:51, 1] smbd/service.c:make_connection_snum(642) With p-node there is no connection to the netlogon service when logging in. I have reverted any changes, yet the problem persists. WINS appears to be working fine, yet all of a sudden p-node will no longer connect to the netlogon service. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon scripts no longer run with p-node netbios type 2
Apparent user mind loss issue p-node works fine as long as you don't disable NetBIOS over TCP/IP, seems I did both at the same time..will sleep now...for many hours -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Logon scripts on Win2k w/s
Hi, The issue is as follows: When a Win2k box becomes a domain member, the first time a user logs into the box on that domain, the Win2k box actually downloads the logon script and executes it. It appears to then save it locally and on subsequent logons does not get it off the server again. However, I do want it to fetch the login script off the server every time as there are occasions where the script does change and I don't really want to go around and fix each occurrence on each workstation... tom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon scripts with kixtart
Shawn Henderson wrote: Any body using kixtart with your samba server..? or anyone have any great scripting tools for logon scripts... Dear Shawn, we use KIXTART since years with 500 users +. Runs very reliable and up to now without any problems. We e.g. use it for - Unmounting and mounting network drives - Unmounting and mounting printers - Changing the registry of client computer - setting up Mozilla for the user logging on, - and many other. If you are interested in our scripts, please send a PM-Mail (pls. mark in the subject accordingly that I don't erase it by accident, since this account serves many lists). Best Joachim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] logon scripts with kixtart
Any body using kixtart with your samba server..? or anyone have any great scripting tools for logon scripts... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] logon scripts execute randomly
I use samba 3.0.9 as a pdc with ldapsam. In the ldap entries, for every user there is a logon script sambaLogonScript. I only use two different scripts for 1000 users and 100 computers. The scripts lehrer.bat and schueler.bat reside in the netlogon share and provide more shares with the net use command. From the user's perspective, this often works well. sometimes, however, the script is not executed, without further notice, and the users see only their own home directory. more proficient users still can connect to the server and use the other shares, but the less technically minded fail. If it didn't work at all, I could maybe live with it, but this drives me crazy ;-) The domain has only one server, so it shouldn't be a conflict between two servers. has anybody seen this before? google and a search in bugzilla have not yielded much so far. thanks for any input! mathias schenker informatiker gymnasium liestal -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] logon scripts execute randomly
I have a similar problem since upgrade to Samba 3.0.x - must admit I've not tried debugging the problem yet. Have around 1500 users across ~50 XP (SP2) workstations - problem tends to occur ~2 in every 30 users. Logon script does seem to execute though - it's just the drives that don't map. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of mathias schenker Sent: 29 November 2004 14:33 To: [EMAIL PROTECTED] Subject: [Samba] logon scripts execute randomly I use samba 3.0.9 as a pdc with ldapsam. In the ldap entries, for every user there is a logon script sambaLogonScript. I only use two different scripts for 1000 users and 100 computers. The scripts lehrer.bat and schueler.bat reside in the netlogon share and provide more shares with the net use command. From the user's perspective, this often works well. sometimes, however, the script is not executed, without further notice, and the users see only their own home directory. more proficient users still can connect to the server and use the other shares, but the less technically minded fail. If it didn't work at all, I could maybe live with it, but this drives me crazy ;-) The domain has only one server, so it shouldn't be a conflict between two servers. has anybody seen this before? google and a search in bugzilla have not yielded much so far. thanks for any input! mathias schenker informatiker gymnasium liestal -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] logon scripts by group
Hi, I am having a hard time figuring out how to have logon scripts that only execute if the user is a member of a certain group. I had the smart idea of putting the supplemental logon script in a share only available to the group, and then calling it from the normal logon script using CALL path_to_script. However it looks like it always executes that CALL even if the user is not part of a group, and I don't want to confuse my users by the text that goes into the DOS window that pops up to run the logon scripts. Also, somehow I feel like there must be a better way to do this, some way to query Samba for group membership as the user logs in. Also, is there a such thing as a logoff script? Or do I need to put those things in postexec scripts? (things like net use /d *) Thanks for your assistance to this non-Windows user! Misty -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon scripts by group
I am having a hard time figuring out how to have logon scripts that only execute if the user is a member of a certain group. We got around a problem like that here initially by using the ifmember tool, however that only returned the primary group, at the time that was under 2.2.x. To get around THAT problem I started writing pre-exec scripts attached to the netlogon share. What I do is define this as netlogon: [netlogon] path = /opt/samba/share/netlogon browseable = No root preexec = /local/scripts/prelogon.pl '%U' Which then generates a script for the user with their name that has the commands that they need to run according to this global line: logon script = %U.bat In the script I do something like this: $groups = `/usr/bin/groups $user`; open (LOGON,/opt/samba/share/netlogon/$user.bat); if ( $groups =~ m/itadmin/ ) { print LOGON NET USE Q: fgoserv\\itadmin\r\n; } That's perl in case you aren't fluent, but I imagine you could use any scripting language and probably do fun stuff like direct ldap queries if that's where you store your posix data, but this works well for us. things in postexec scripts? (things like net use /d *) I believe if you use the /persistant:no flag on your mounts then they won't come back when you log back in, but I could be wrong. That won't solve the problem of the users adding mapped drives that you don't want. For that reason I delete the drives first elsewhere in the script. The pre/post exec lines execute on the server, not the client, so they need to be unix scripts/commands, not windows batch executables. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] logon scripts by group
Step 1: Create a NETLOGON share with a group variable in the path e.g. /domain_data/netlogon_shares/%g Step 2: In the [globals] section of your conf file enter the name of your script for 'logon script' (e.g. login.bat) Step 3: On your samba PDC create folders for each group name in /domain_data/netlogon/ (or whatever location you have chosen) make sure that users will have read only access. Step 4: Put your login.bat scripts in each folder (you may want to use symbolic links if many groups use the same script - it will make it easier to edit in future). Hope this helps, Lee Baker -Original Message- Sent: 06 October 2004 16:33 To: [EMAIL PROTECTED] Subject: [Samba] logon scripts by group Hi, I am having a hard time figuring out how to have logon scripts that only execute if the user is a member of a certain group. I had the smart idea of putting the supplemental logon script in a share only available to the group, and then calling it from the normal logon script using CALL path_to_script. However it looks like it always executes that CALL even if the user is not part of a group, and I don't want to confuse my users by the text that goes into the DOS window that pops up to run the logon scripts. Also, somehow I feel like there must be a better way to do this, some way to query Samba for group membership as the user logs in. Also, is there a such thing as a logoff script? Or do I need to put those things in postexec scripts? (things like net use /d *) Thanks for your assistance to this non-Windows user! Misty -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon scripts by group
Misty Stanley-Jones schrieb: Hi, I am having a hard time figuring out how to have logon scripts that only execute if the user is a member of a certain group. I had the smart idea of putting the supplemental logon script in a share only available to the group, and then calling it from the normal logon script using CALL path_to_script. However it looks like it always executes that CALL even if the user is not part of a group, and I don't want to confuse my users by the text that goes into the DOS window that pops up to run the logon scripts. Also, somehow I feel like there must be a better way to do this, some way to query Samba for group membership as the user logs in. Also, is there a such thing as a logoff script? Or do I need to put those things in postexec scripts? (things like net use /d *) Thanks for your assistance to this non-Windows user! Misty hi, the simpelst way is to use to create one default script for every user default.bat and write a ifmember statement ( ifmember.exe is in the win resource kit) which leads then to a group.bat. there is also a tool called hidecmd to make the popup at logon unvisible and cpau ( with crypt ) to give admin rights if you desire to implement higher access statements. Regards -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Logon Scripts Fail to Execute at Logon
I am running Samba 3.0.6 with and LDAP backend. Here is the output of pdbedit for my user: pdb_set_logon_script: setting logon script scripts\logon.cmd, was element 4 - now SET While logging in with this account (or any other account), this script never executes. I am able to run it manually, but that doesnt help. Dustin A. Dortch Network Administrator Gilchrist Soames Office Email: HYPERLINK mailto:[EMAIL PROTECTED][EMAIL PROTECTED] Mobile Email: HYPERLINK mailto:[EMAIL PROTECTED][EMAIL PROTECTED] s.com Office Phone: 1.317.786.8286 x423 Mobile Phone: 1.317.809.5794 Fax: 1.317.786.2788 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.757 / Virus Database: 507 - Release Date: 9/9/2004 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Logon scripts and Windows NT
We have Samba 2.2.5 recompiled with LDAP support running on RedHat 8 as PDC. A mixed network of Windows 98 and NT 4 clients log in using it. We have a logon script set to run for all users. It runs fine on 98 clients, but never appears to run on NT. I can access the netlogon share through Network Neighborhood on any NT box and run the script manually and it works. Below is an abbreviated copy of my smb.conf (I have removed comments and unrelated shares) and our logon script. Any recommendations on how to get this running automatically on NT clients would be greatly appreciated. smb.conf: [global] guest ok = yes log level = 0 max mux = 50 kernel oplocks = true workgroup = HOE-MAIN netbios name = RHSERVER1 server string = RH_SERVER_1 deny hosts = 192.168.10.11 192.168.10.12 allow hosts = 192.168.10. 127.0.0. printcap name = /etc/printcap load printers = yes printing = lprng log file = /var/log/samba/%m.log max log size = 2 encrypt passwords = yes unix password sync = Yes passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u passwd chat = *new*password* %n\n *new*password* %n\n *successfully* socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote announce = 192.168.10.255 os level = 65 domain master = True preferred master = False domain logons = yes logon script = default.bat wins support = yes dns proxy = no preserve case = yes short preserve case = YES default case = lower case sensitive = no mangle case = yes ldap suffix = dc=HOECOOP,dc=ORG ldap admin dn = cn=manager,dc=HOECOOP,dc=ORG ldap port = 389 ldap server = 127.0.0.1 ldap ssl = No add user script = /usr/local/sbin/smbldap-useradd.pl -w %u domain admin group = @Domain Admins time server = Yes [netlogon] comment = Network Logon Service path = /opt/samba/netlogon logon script: @ECHO off net use u: /delete net use w: /delete net use y: /delete if not %os%!==! goto nt :95 net use h: /delete net use h: \\tuxprint1\pchome net use y: \\rhserver1\dept net use w: \\rhserver1\engineer net use u: \\tuxprint1\programs goto cont :NT net use h: /delete net use h: \\tuxprint1\pchome net use y: \\rhserver1\dept /persistent:no net use w: \\rhserver1\engineer /persistent:no net use u: \\tuxprint1\programs /persistent:no goto cont :cont -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] logon scripts doen't run
Hi all, I have problem with my logon scripts. drwxrwxrwx5 root root 4096 May 2 20:26 . drwxr-xr-x 25 root root 4096 May 3 09:36 .. drwxrwxrwx2 root root 4096 May 2 20:11 netlogon drwxr-xrwt4 root root 4096 May 2 22:14 profiles drwxrwxrwx6 root root 4096 May 2 20:11 shares I store them in netlogon folder. In smb.conf [global] logon script= %G.cmd [netlogon] comment = logon scriptek path= samba/netlogon guest ok= yes writable= no share modes = no browseable = no I have IT, HR, etc group, and of course I have IT.cmd, HR.cmd, etc. They are all r--r--r-- root root. Idea? regards, Roland -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Logon scripts
Hello Urs, I've been experimenting with RunAsP.exe to do exactly what you are suggesting. By using kixtart script processor you can fork part of your clients that login (2000/XP) to runasp.exe. This can switch user context to an administrator, run a program, then return to the user's context. The only drawback is that they charge $ per client machine. The passwords are kept in an encrypted form in a file that can be launched from the netlogon directory. I've evaluated it enough that to determine that I can't do without it. I've tested it for automating Norton AV virus definition updates from login scripts as well as running older programs that write to priveleged directories, but there are many thing it can be used for. Nobody has written a free version to my knowledge, would be a great project. Good luck -- Kent L. Nasveschuk [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Logon Scripts
Hi All, I have a samba pdc that uses login scripts to apply several registry changes. I tried the config.pol and ntconfig.pol and didn't ever seem to find that they were reliably applied. Here is my question. I am able to apply serveral changes for HKEY_CURRENT_USER. HKEY_LOCAL_MACHINE keys seem to be discarded. Is there a different way to apply these? If I run the script from the dos prompt after being logged in, the changes are accepted so it appears the script is not the problem. Thanks in advance, David -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Logon Scripts
To: [EMAIL PROTECTED] Subject: [Samba] Logon Scripts Hi All, I have a samba pdc that uses login scripts to apply several registry changes. I tried the config.pol and ntconfig.pol and didn't ever seem to find that they were reliably applied. Here is my question. I am able to apply serveral changes for HKEY_CURRENT_USER. HKEY_LOCAL_MACHINE keys seem to be discarded. Is there a different way to apply these? If I run the script from the dos prompt after being logged in, the changes are accepted so it appears the script is not the problem. From my very limited experience, people please correct me for both our sakes if I am off mark... It sounds like a permissions problem... Make sure when you logon to check your script works, you do so with a normal user account, rather than with one of your administration accounts. Normal users normally have some reg. entries they are not allowed to change, this the use of the .pol files, which windows trusts if they are in the NetLogon directory. Apart form that, can't offer much else advise. Max. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] logon scripts, shares, and permissions
Hi, RedHat 8 and Samba 2.2.7 I'm a little confused on setting user/group/other permissions on my RedHat box to allow logon scripts to execute, and files to be created/deleted and even listed/read from their shares. In Windows, it was easy to make all shares fully accessible and set permissions using NTFS. What is the best way to set permissions to file system and shares using Linux/Samba? For now, I ran 'chmod 777 -Rf *' on my netlogon folder to solve a problem of certain users not executing their logon scripts, and this solved it. But I think this is overkill... what should be the proper permissions? Thanks, Demian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon Scripts for Mandrake 9.0
From: David Sexton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Fri, 17 Jan 2003 12:16:00 -0500 Subject: [Samba] Logon Scripts for Mandrake 9.0 I was wondering if some one could help me make some basic login scripts and tell me where to place them. I know nothing about them. I am trying to get my windows based mechines to login to my Mandrake 9.0 server This isn't really a samba question, as you can write the login scripts as batch files on a windows machine, and copy them to your samba server. I am sure a google search would turn up a few examples. But most uses for login scripts include mapping shares (net use, see 'net help use' on a windows mahcine) or importing registry settings (regedit /s regfile.reg) or copying files etc. If you need to customise logins scripts per-user, per-machine, per-OS, you may want to try ntlogon, which is in the Mandrake contribs (set yourself up at http://plf.zarb.org/~nanardon if you haven't yet, and you should be able to 'urpmi ntlogon'). Edit the file /etc/ntlogon.conf, it's pretty self-explanatory. Also, uncomment the lines for ntlogon in the netlogon share of the default smb.conf in Mandrake. If you have mangled yours, take a look at: http://ranger.dnsalias.com/mandrake/samba/smb-domain-controller.conf I have windows ME and XP i got ME to login but XP won't. Can some one help That may be a different issue. Firstly, I don't think you can join XP Home to a domain (any domain, NT/2k/samba). Secondly, XP Pro, like NT and 2k requires machine accounts (check that your 'add user script' is setup), and that you join the domain with the root account (unless you are using an LDAP backend on 2.2.x). So, you would need to do 'smbpasswd -a' as root, and when joining the machine use 'root' as the username, and the password you entered for 'smbpasswd -a'. Finally, XP won't connect to a server that doesn't support signing/sealing unless you apply the registry patch, available in the samba-doc package: [bgmilne@bgmilne bgmilne]$ rpm -ql samba-doc |grep -i signorseal /usr/share/doc/samba-doc-2.2.6/docs/Registry/WinXP_SignOrSeal.reg Finally, make sure you have run updates (I have't on this machine as you can see above ...) Buchan -- |Registered Linux User #182071-| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Logon Scripts for Mandrake 9.0
TEXTAREA NAME=Signature ROWS=4 COLS=60 I was wondering if some one could help me make some basic login scripts and tell me where to place them. I know nothing about them. I am trying to get my windows based mechines to login to my Mandrake 9.0 server I have windows ME and XP i got ME to login but XP won't. Can some one help Thanks David -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba