-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Douglas Phillipson írta:
| I just tested the process/uid check theory. Upon initail login the new
| smbd process is owned by the user but with no activity on any shares it
| switches to being owned by root in a minute. I guess I could use a
| script
Hallo Douglas Phillipson, am Tue, Oct 14, 2003 at 02:07:13PM -0700 hast du folgendes
geschrieben:
I just tested the process/uid check theory. Upon initail login the new
smbd process is owned by the user but with no activity on any shares
it switches to being owned by root in a minute. I
Im trying a root preexec = some script
the script is:
#!/bin/sh
#
exit 1
In the samba log it says:
root preexec gave 1 - connection failing
Closed connection to service netlogon
But I still get logged on.
If I change the 1 to a 4 I get
root preexec gave 4 - connection failing
Closed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I.M.H.O
you could write a root prexec script for your netlogon share, wich would
check for runing smbd with the uid of the connection, and return an
error if there is such. And specifying root prexec close = yes on the
netlogon share, you could deny
I just tested the process/uid check theory. Upon initail login the new
smbd process is owned by the user but with no activity on any shares
it switches to being owned by root in a minute. I guess I could use a
script to touch a file with the users login name or uid and just check
for that
I didn't get any hits on this. Does that mean it's not possible???
Has anyone enforced a single instance login policy somehow? Is this a
reasonable question to ask?
DSP
Douglas Phillipson wrote:
I would like to enforce a policy for a user being only able to login
once anywhere in the
On Mon, 13 Oct 2003, Douglas Phillipson wrote:
I didn't get any hits on this. Does that mean it's not possible???
Has anyone enforced a single instance login policy somehow? Is this a
reasonable question to ask?
This is not possible. There is no way to do this with MS Windows 200x
server -