Douglas Phillipson
2003-Oct-16 21:23 UTC
[Samba] preexec scripts allowing logon under all conditions in 3.0.1
In an attempt to enforce a single login domain wide. I think preexec scripts will work but when I test a script that returns a "1" the log says I get denied but I still get logged in. Here is the info: ----------------------------------------------------------------------------------------------- [netlogon] comment = Network Logon Service preexec close = yes root preexec close = yes preexec = /home/profiles/test.sh root preexec = /home/profiles/test.sh # root preexec = csh -c 'if [ -f /home/%u/.loggedon ] exit 0' path = /home/netlogon guest ok = no writable = no create mask = 0600 directory mask = 0700 ---------------------------------------------------------------------------------------------- The script test.sh is just: #!/bin/sh # exit 1 -------------------------------------------------------------------------------------------- The samba log says: root preexec gave 1 - connection failing Closed connection to service netlogon But I still get logged on. If I change the "1" to a "4" I get root preexec gave 4 - connection failing Closed connection to service netlogon But I still get logged on. If I change the "1" to a "0" I get no entry in the log and get logged on. The parameter appears to be acknowledged but won't prevent a logon. Any suggestions would be appreciated. Regards DSP