Hello all, Here's a perl script for enforcing a machine naming policy. It's called as a [root] preexec and causes the connection to be closed on non zero return with '[root] preexec close = yes'. Scans a list of exceptions, returning 0 if any match. Then runs regexps, returning 0 if any match. Then [sys]logs an error and returns 1 (thus closing the connection). Hopefully someone else will find it useful - even if only to have found out about one of the many features that make samba so much better than microsoft smb servers. - samj from smb.conf [root] preexec = /usr/sbin/checkname %m %I %U [root] preexec close = Yes #!/usr/bin/perl # Sam Johnston, Far Edge Technology (samj@faredge.com.au) # checkname <machine> <ip> <user> use Sys::Syslog qw(:DEFAULT setlogsock); $m = lc($ARGV[0]); $I = lc($ARGV[1]); $U = lc($ARGV[2]); #print "machine: $m ip: $I user: $U\n"; foreach $i ( 'office-dom', 'comms-dom', 'svr-dom', 'maint-dom' ) { if ($m eq $i) { exit 0; } } if ($m =~ /res[0-9]-dom/i) { exit 0; } if ($m =~ /[1-3][a-h][1-9]-dom/i) { exit 0; } if ($m =~ /[1-3]t[1-2]-dom/i) { exit 0; } setlogsock('unix'); syslog('info', "samba: connection refused from $m ($I) connecting as $U"); exit 1;