Hi, I was wondering if someone had any thoughts as to why "preexec" doesn't fire when "msdfs proxy" is used? Thank you, Greg Enlow -- Greg Enlow grenlow at hk.mailbox.de On 13 May 2015, at 11:18, Greg Enlow wrote: ok ok ... Names have been changed to protect the inoccent. This installation is being used to mitigate a server migration by providing read-only access to the new shares under the old server name. We have duplicated all the current shares on the new server (NETAPP) as {share name}_ro and created equivalent shares on the SAMBA installation as DFS proxies that point the client to that read-only share. As a neat bell & whistle we had hoped to be able to let the user know that they were using an obsolete URL (server name) by sending them a message/mail/whack on the head. At the moment neither the "root preexec" or the plain "preexec" are doing anything, much to our chagrin. [global] log level = 3 netbios name = COOLIO workgroup = DE security = ADS realm = DE.COOLPLACE.COM dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab encrypt passwords = yes allow trusted domains = yes local master = no domain master = no server services = +smb -s3fs dcerpc endpoint servers = +winreg +srvsvc idmap config *:backend = tdb idmap config *:range = 1100-999999 idmap config DE:backend = rid idmap config DE:range = 1000000 -19999999 idmap config APAC:backend = rid idmap config APAC:range = 20000000-29999999 idmap config EMEA:backend = rid idmap config EMEA:range = 30000000-39999999 winbind use default domain = yes winbind enum users = no winbind enum groups = no winbind nested groups = yes winbind expand groups = 5 winbind refresh tickets = yes winbind max domain connections = 10 create krb5 conf = no template shell = /bin/bash template homedir = /home/%D/%U client NTLMv2 auth = yes printcap name = /dev/null disable spoolss = yes show add printer wizard = no load printers = no host msdfs = yes [Drachenboot$] root preexec = /etc/samba/preexec_root.sh //REALBIGFS/Drachenboot$ %H/Drachenboot %D %U Drachenboot preexec = echo \"%u connected to %S from %m (%I)\" >> /tmp/users.txt msdfs root = yes msdfs proxy = \REALBIGFS\Drachenboot_ro$ read only = yes browseable = no follow symlinks = no hide unreadable = yes -- Greg Enlow grenlow at hk.mailbox.de On 12 May 2015, at 23:02, Rowland Penny wrote: On 12/05/15 20:27, Greg Enlow wrote:> To the powers the might be, > > it seems that the "(root) preexec" function does not work when used with "msdfs proxy". Is that just "my" problem, an error or by design? > If it is by design, I would be curious to know why. > If it is an error, can it be addressed fairly quickly? > If it is none of the above, then what information will be needed to help diagnose "my" issue? > > I don't have the line I use with me for the preexec, but I did attempt the example in he samba man pages > i.e.: > (root) preexec = echo "hello world!" >> /tmp/mycutelog.txt > no worky worky. > > Thanks in advance! > > -- > > Greg Enlow > grenlow at hk.mailbox.de > > > ______________________________________________________________________ > This email has been scanned by the Symantec Email Security.cloud service. > Zu buchen bei Hegel & Koch - http://www.hk-online.de > ______________________________________________________________________More info, more info Post your smb.conf Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. Zu buchen bei Hegel & Koch - http://www.hk-online.de ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. Zu buchen bei Hegel & Koch - http://www.hk-online.de ______________________________________________________________________
Msdfs proxy is pointing to another instance of samba servers, it passes through. I think running preexec there on the other instance will do the trick. Greetings Daniel EDV Daniel M?ller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 T?bingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: mueller at tropenklinik.de Internet: www.tropenklinik.de -----Urspr?ngliche Nachricht----- Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im Auftrag von Greg Enlow Gesendet: Samstag, 16. Mai 2015 10:16 An: samba at lists.samba.org Betreff: Re: [Samba] preexec and msdfs proxy Hi, I was wondering if someone had any thoughts as to why "preexec" doesn't fire when "msdfs proxy" is used? Thank you, Greg Enlow -- Greg Enlow grenlow at hk.mailbox.de On 13 May 2015, at 11:18, Greg Enlow wrote: ok ok ... Names have been changed to protect the inoccent. This installation is being used to mitigate a server migration by providing read-only access to the new shares under the old server name. We have duplicated all the current shares on the new server (NETAPP) as {share name}_ro and created equivalent shares on the SAMBA installation as DFS proxies that point the client to that read-only share. As a neat bell & whistle we had hoped to be able to let the user know that they were using an obsolete URL (server name) by sending them a message/mail/whack on the head. At the moment neither the "root preexec" or the plain "preexec" are doing anything, much to our chagrin. [global] log level = 3 netbios name = COOLIO workgroup = DE security = ADS realm = DE.COOLPLACE.COM dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab encrypt passwords = yes allow trusted domains = yes local master = no domain master = no server services = +smb -s3fs dcerpc endpoint servers +winreg +srvsvc idmap config *:backend = tdb idmap config *:range = 1100-999999 idmap config DE:backend = rid idmap config DE:range = 1000000 -19999999 idmap config APAC:backend = rid idmap config APAC:range = 20000000-29999999 idmap config EMEA:backend = rid idmap config EMEA:range = 30000000-39999999 winbind use default domain = yes winbind enum users = no winbind enum groups = no winbind nested groups = yes winbind expand groups = 5 winbind refresh tickets = yes winbind max domain connections = 10 create krb5 conf = no template shell = /bin/bash template homedir = /home/%D/%U client NTLMv2 auth = yes printcap name = /dev/null disable spoolss = yes show add printer wizard = no load printers = no host msdfs = yes [Drachenboot$] root preexec = /etc/samba/preexec_root.sh //REALBIGFS/Drachenboot$ %H/Drachenboot %D %U Drachenboot preexec = echo \"%u connected to %S from %m (%I)\" >> /tmp/users.txt msdfs root = yes msdfs proxy \REALBIGFS\Drachenboot_ro$ read only = yes browseable = no follow symlinks no hide unreadable = yes -- Greg Enlow grenlow at hk.mailbox.de On 12 May 2015, at 23:02, Rowland Penny wrote: On 12/05/15 20:27, Greg Enlow wrote:> To the powers the might be, > > it seems that the "(root) preexec" function does not work when used with"msdfs proxy". Is that just "my" problem, an error or by design?> If it is by design, I would be curious to know why. > If it is an error, can it be addressed fairly quickly? > If it is none of the above, then what information will be needed to helpdiagnose "my" issue?> > I don't have the line I use with me for the preexec, but I did attempt > the example in he samba man pages > i.e.: > (root) preexec = echo "hello world!" >> /tmp/mycutelog.txt no worky > worky. > > Thanks in advance! > > -- > > Greg Enlow > grenlow at hk.mailbox.de > > > ______________________________________________________________________ > This email has been scanned by the Symantec Email Security.cloud service. > Zu buchen bei Hegel & Koch - http://www.hk-online.de > ______________________________________________________________________More info, more info Post your smb.conf Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. Zu buchen bei Hegel & Koch - http://www.hk-online.de ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. Zu buchen bei Hegel & Koch - http://www.hk-online.de ______________________________________________________________________ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
On 18/05/15 07:36, Daniel M?ller wrote:> Msdfs proxy is pointing to another instance of samba servers, it passes > through. > I think running preexec there on the other instance will do the trick. > > Greetings > Daniel > > > EDV Daniel M?ller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 T?bingen > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: mueller at tropenklinik.de > Internet: www.tropenklinik.de > > > > -----Urspr?ngliche Nachricht----- > Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im > Auftrag von Greg Enlow > Gesendet: Samstag, 16. Mai 2015 10:16 > An: samba at lists.samba.org > Betreff: Re: [Samba] preexec and msdfs proxy > > Hi, > > I was wondering if someone had any thoughts as to why "preexec" doesn't fire > when "msdfs proxy" is used? > > Thank you, > Greg Enlow > > > -- > > Greg Enlow > grenlow at hk.mailbox.de > > > > On 13 May 2015, at 11:18, Greg Enlow wrote: > > ok ok ... > Names have been changed to protect the inoccent. > > This installation is being used to mitigate a server migration by providing > read-only access to the new shares under the old server name. We have > duplicated all the current shares on the new server (NETAPP) as {share > name}_ro and created equivalent shares on the SAMBA installation as DFS > proxies that point the client to that read-only share. As a neat bell & > whistle we had hoped to be able to let the user know that they were using an > obsolete URL (server name) by sending them a message/mail/whack on the head. > At the moment neither the "root preexec" or the plain "preexec" are doing > anything, much to our chagrin. > > > [global] > log level = 3 > > netbios name = COOLIO > workgroup = DE > security = ADS > realm = DE.COOLPLACE.COM > dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and > keytab encrypt passwords = yes allow trusted domains = yes local master = no > domain master = no server services = +smb -s3fs dcerpc endpoint servers > +winreg +srvsvc > > idmap config *:backend = tdb > idmap config *:range = 1100-999999 > > idmap config DE:backend = rid > idmap config DE:range = 1000000 -19999999 > > idmap config APAC:backend = rid > idmap config APAC:range = 20000000-29999999 > > idmap config EMEA:backend = rid > idmap config EMEA:range = 30000000-39999999 > > > winbind use default domain = yes > winbind enum users = no > winbind enum groups = no > winbind nested groups = yes > winbind expand groups = 5 > winbind refresh tickets = yes > winbind max domain connections = 10 > > create krb5 conf = no > > template shell = /bin/bash > template homedir = /home/%D/%U > > client NTLMv2 auth = yes > > printcap name = /dev/null > disable spoolss = yes > show add printer wizard = no > load printers = no > > host msdfs = yes > > [Drachenboot$] > root preexec = /etc/samba/preexec_root.sh //REALBIGFS/Drachenboot$ > %H/Drachenboot %D %U Drachenboot preexec = echo \"%u connected to %S from %m > (%I)\" >> /tmp/users.txt msdfs root = yes msdfs proxy > \REALBIGFS\Drachenboot_ro$ read only = yes browseable = no follow symlinks > no hide unreadable = yes > > -- > > Greg Enlow > grenlow at hk.mailbox.de > > > > On 12 May 2015, at 23:02, Rowland Penny wrote: > > On 12/05/15 20:27, Greg Enlow wrote: >> To the powers the might be, >> >> it seems that the "(root) preexec" function does not work when used with > "msdfs proxy". Is that just "my" problem, an error or by design? >> If it is by design, I would be curious to know why. >> If it is an error, can it be addressed fairly quickly? >> If it is none of the above, then what information will be needed to help > diagnose "my" issue? >> I don't have the line I use with me for the preexec, but I did attempt >> the example in he samba man pages >> i.e.: >> (root) preexec = echo "hello world!" >> /tmp/mycutelog.txt no worky >> worky. >> >> Thanks in advance! >> >> -- >> >> Greg Enlow >> grenlow at hk.mailbox.de >> >> >> ______________________________________________________________________ >> This email has been scanned by the Symantec Email Security.cloud service. >> Zu buchen bei Hegel & Koch - http://www.hk-online.de >> ______________________________________________________________________ > More info, more info > > Post your smb.conf > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > ______________________________________________________________________ > This email has been scanned by the Symantec Email Security.cloud service. > Zu buchen bei Hegel & Koch - http://www.hk-online.de > ______________________________________________________________________ > > > > ______________________________________________________________________ > This email has been scanned by the Symantec Email Security.cloud service. > Zu buchen bei Hegel & Koch - http://www.hk-online.de > ______________________________________________________________________ > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >I thought along the same line, but did not post because I have never used msdfs and didn't want to appear stupid :-D What the OP could do is to look in /tmp on the possible servers, the preexec command may have written to one of them. Rowland