[GLLUG] Samba - root preexec & login scripts
Matt Graham
danceswithcrows@usa.net
Tue, 29 Oct 2002 10:55:20 -0500
On Tuesday 29 October 2002 08:39, after a long battle with technology,
Sean wrote:
> On Tue, 29 Oct 2002, Mike Rambo wrote:
> > Samba is set up as a domain controller and works
> > fine in that capacity. Manually created scripts are run by the
> > workstation at logon as they should. The relevent section of my
> > smb.conf is...
> >
> > [netlogon]
> > comment = Network Logon Service
> > path = /home/netlogon
> > guest ok = yes
> > read only = yes
> > browseable = no
> > printable = no
> > write list = @adm
> > share modes = no
> > root preexec = /home/netlogon/netlogon.pl %U
> > root postexec = rm -f /home/netlogon/%U.bat
> >
> > ...but doesn't work. I get a 'no domain controller available'
> > message when I try to log in with the root preexec statement in
> > place. Commenting it out will allow the domain login to succeed. I
> > have set log level to 3 but do not see anything in the logs to
> > indicate what is failing. Someone on the samba list suggested to
> > try log level 5
Yeah. Also, what's netlogon.pl doing? If it's short, post it to the
list (making sure to obfuscate any sensitive data, of course.) Maybe
it should log its output to a file....
> Im far from a guru and therefore maybe slightly confused, but I
> thought the preexec script had to be .bat or .cmd files AND if it
> needed to be run at boot it also needed to be in the registry.
The preexec script runs on the Samba server, so it can be anything. The
example referred to in the smb.conf manpage is a csh script. The
script you're thinking of is the thing referred to in the logon script=
parameter, which has to be a .BAT or .CMD file and has to have \r\n
line endings and such. Mike, what's the logon script= parameter in
your smb.conf?
> I was also under the impression that with the preexec scripts were
> run after the drives were mounted but right before they were usuable
> by the user. kind of like an autorun script on a cd.
I'm not sure about that... the manpage doesn't go into detail about it.
However, the Perl script is running as root, so it should be able to do
almost anything to the Samba server. The .BAT / .CMD logon script can
certainly mount SMB shares, and should be able to do whatever DOS
things are necessary.
--
The early bird who catches the worm works for someone who comes in
late and owns the worm farm. --Travis McGee
There is no Darkness in Eternity/But only Light too dim for us to see