While searching for a way to limit simultaneous logins to a samba PDC/BDC, I found suggestions about using a preexec script. This makes sense, I could plug such a script in the netlogon share and parse smbstatus or something to find out if the user has already logon. But... What do I do then to deny the logon? Kill the smbd process that is servicing this request? Won't the workstation just try again? Or send a winpopup message?