Re: [Samba] tattooing of tdbsam backend with logon script value

Mon, 17 Oct 2011 19:31:53 -0700 

On 18/10/11 02:29, Harry Jede wrote:

On 15:21:48 wrote Pat Emblen:

On 15/10/11 19:15, Harry Jede wrote:

pdbedit -S ""<user>


Not here, it just sets an empty logon script, it doesn't default back
to the one in smb.conf.

root@sheldon:/home/smb/netlogon# pdbedit -S "" talcom
Unix username:        talcom
NT username:

.

Profile Path:         \\sheldon\profiles\talcom
Domain:               SHELDON

I can see two differences between your acoounts and my:
1. You dont have a "NT Username"



I'm not sure about this, I checked another couple of machines and they 
dont show them either, but they all work.



2. Your "Home Directory" and your "Profile Path" points to the netbios
server name "sheldon", which is identical to your netbios domain name
"SHELDON".



I've been using this machine as a bit of a test box for some scripts. 
Maybe I added 'talcom' before I set the domain up in smb.conf.That 
probably explains the Domain matching the the machine netbios name.

None of the other accounts are like this.


Try to create a new account with:
pdbedit -a newuser

and check it again. Is your Server Name really equal to your workgroup
name?



It didn't change anything ...

#cat /etc/samba/smb.conf |grep 'logon script'
        # Not mandatory with new pylogon script
    logon script = scripts\%U.cmd

# cat scripts/fred.cmd
ECHO hi fred
PAUSE

root@sheldon:/home/smb/netlogon# adduser fred
Adding user `fred' ...
Adding new group `fred' (1014) ...
Adding new user `fred' (1007) with group `fred' ...
Creating home directory `/home/fred' ...
Copying files from `/etc/skel' ...
snip

root@sheldon:/home/smb/netlogon# smbpasswd -a fred
New SMB password:
Retype new SMB password:
Added user fred.

root@sheldon:/home/smb/netlogon# pdbedit -Lvu fred
Unix username:        fred
NT username:
Account Flags:        [U          ]
User SID:             S-1-5-21-3019205139-2287944265-981039286-1018
Primary Group SID:    S-1-5-21-3019205139-2287944265-981039286-513
Full Name:            Fred Flintstone
Home Directory:       \\sheldon\fred
HomeDir Drive:
Logon Script:         scripts\fred.cmd
Profile Path:         \\sheldon\profiles\fred
Domain:               TALBYCOM
Account desc:
Workstations:
Munged dial:
Logon time:           0
Logoff time:          9223372036854775807 seconds since the Epoch
Kickoff time:         9223372036854775807 seconds since the Epoch
Password last set:    Tue, 18 Oct 2011 10:22:40 EST
Password can change:  Tue, 18 Oct 2011 10:22:40 EST
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Set a script manually
root@sheldon:/home/smb/netlogon# pdbedit -S "scripts\fred.vbs" -u fred
snip
Home Directory:       \\sheldon\fred
HomeDir Drive:
Logon Script:         scripts\fred.vbs
snip

Try to null it back to default
root@sheldon:/home/smb/netlogon# pdbedit -S "" fred
snip
Home Directory:       \\sheldon\fred
HomeDir Drive:
Logon Script:                         << No good
snip

Tested the account and the logon script does not run
It does run after resetting the account, as I previously described

And FYI....
A new user record from passdb.tdb - gets the default Logon Script

key 12 bytes
USER_zaphod
data 194 bytes
[000] 00 00 00 00 FF FF FF 7F  FF FF FF 7F 00 00 00 00  ........ .......
[010] 36 DC 9C 4E 00 00 00 00  FF FF FF 7F 07 00 00 00  6..N... .......
[020] 7A 61 70 68 6F 64 00 09  00 00 00 54 41 4C 42 59  zaphod.. ...TALBY
[030] 43 4F 4D 00 01 00 00 00  00 07 00 00 00 7A 61 70  COM.... .....zap
[040] 68 6F 64 00 00 00 00 00  00 00 00 00 00 00 00 00  hod.... .......
[050] 00 00 00 00 01 00 00 00  00 01 00 00 00 00 01 00  ....... .......
[060] 00 00 00 01 00 00 00 00  FE 03 00 00 01 02 00 00  ....... .......
[070] 00 00 00 00 10 00 00 00  A2 AC 52 67 41 D3 CB 37  ....... ..RgA..7
[080] EE F2 2A C6 25 1D E4 95  00 00 00 00 10 00 00 00  ..*.%... .......
[090] A8 00 15 00 00 00 20 00  00 00 FF FF FF FF FF FF  ......  ........
[0A0] FF FF FF FF FF FF FF FF  FF FF FF FF FF FF FF 00  ........ .......
[0B0] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 EC 04  ....... ........
[0C0] 00 00                                             .

after pdbedit -S "" -u zaphod

key 12 bytes
USER_zaphod
data 195 bytes
[000] 00 00 00 00 FF FF FF 7F  FF FF FF 7F 00 00 00 00  ........ .......
[010] 36 DC 9C 4E 00 00 00 00  FF FF FF 7F 07 00 00 00  6..N... .......
[020] 7A 61 70 68 6F 64 00 09  00 00 00 54 41 4C 42 59  zaphod.. ...TALBY
[030] 43 4F 4D 00 01 00 00 00  00 07 00 00 00 7A 61 70  COM.... .....zap
[040] 68 6F 64 00 00 00 00 00  00 00 00 00 01 00 00 00  hod.... .......
[050] 00 00 00 00 00 01 00 00  00 00 01 00 00 00 00 01  ....... ........
[060] 00 00 00 00 01 00 00 00  00 FE 03 00 00 01 02 00  ....... .......
[070] 00 00 00 00 00 10 00 00  00 A2 AC 52 67 41 D3 CB  ....... ...RgA..
[080] 37 EE F2 2A C6 25 1D E4  95 00 00 00 00 10 00 00  7..*.%.. .......
[090] 00 A8 00 15 00 00 00 20  00 00 00 FF FF FF FF FF  .......  ........
[0A0] FF FF FF FF FF FF FF FF  FF FF FF FF FF FF FF FF  ........ ........
[0B0] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 EC  ....... ........
[0C0] 04 00 00                                          ..

See the 01 inserted at 04C. That's the only difference.
I suppose they need a way to record:
1. Default Logon Script
2. Specific Logon Script
3. No logon script

I've never used LDAP, so I don't no how it handles the 3 possibilities?

Pat

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba






















					Reply via email to