Script logon bat

Come here to share your tips and tricks for using Samba4
Locked
User avatar
MaxDagoba
Messages: 5
Registration: Sep 08, 2016 - 10:57

September 8, 2016 - 12:27

Hello everyone,

I am seeking your help with a problem on a logon script.
I configured my samba so that users use a script with their name in .bat (%u.bat) upon login, which is generated on the fly by another script to mount network drives according to groups.

One small problem: the script starts up fine at startup, but it seems to execute certain lines multiple times, and I can't figure out why.
Explanation:
I have my generated logon script which is:

Code: Select all

@echo off
net use /persistent:no * \\ubuntu\test
net use /persistent:no * \\ubuntu\secdir
I tried making a vbs script, it only mounts one of the two drives twice, but I still have one drive duplicated.

If I run the script manually from the network, there are no problems.
When the session opens, the script runs but mounts each reader twice as if it were reading two lines (the personal drive is mounted by Samba beforehand)Picture

Other remarks if I edit the file userI run a .bat file under Windows, and when I log in with this file modified by Windows, it works.

I'm using unix2dos to convert line breaks to Windows format. I've tried with sed and awk with the same result.

Does anyone have any leads?
I'm a bit desperate right now :/
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

September 8, 2016 - 9:18 PM

How do you run the script?

GPO?

With a login script (linked to the user) on the user profile?

In which share are you doing the preexec?
(to mount network drives according to groups.)
You know you can do that in GPOs? You create the GPO, then you select the conditions and then select the group
High
User avatar
MaxDagoba
Messages: 5
Registration: Sep 08, 2016 - 10:57

September 11, 2016 - 2:16 PM

Hello,

My script is executed via Samba with the configuration in smb.conf

Code: Select all

root preexec = bash /opt/scripts/samba/test.sh %U
which generates the user.bat file and then

Code: Select all

logon script = %U.bat
and the users are created with the option

Code: Select all

--script-path="user.bat"
The user.bat script is in the logon folder

Code: Select all

[netlogon]
   path = /var/lib/samba/sysvol/labosol.lan/scripts
with the rights for the user who will use the script.

I'm attaching a copy of the script:

Code: Select all

#!/bin/bash

declare -a testgroup
declare -a tabgroup
declare -a testgroup
declare -a tabgroupexcl
declare -a tabgroupresult
declare -a listusersgroup

#on récupère le hostname
host=${host:=$(uname -n)}
#on enleve le nom de domaine
machine=$(echo "$host" | cut -d'.' -f1 )

# group system à exclure de la liste des groups pour les users
tabgroupexcl=( "cert publishers" "ras and ias servers" "allowed rodc password replication group" "denied rodc password replication group" "dnsadmins" "enterprise read-only domain controllers" "domain admins" "domain users" "domain guests" "domain computers" "domain controllers" "schema admins" "enterprise admins" "group policy creator owners" "read-only domain controllers" "dnsupdateproxy" )

echo "@echo off">/var/lib/samba/sysvol/nom_de_domaine/scripts/"$1".bat

# liste des groupes samba
testgroup=$(wbinfo -g)

# mise en forme de la liste des groupes samba
testgroup=$(echo "$testgroup" | sed -e 's/[a-zA-Z].*\\//')
oldifs=$IFS
igroup=0
while IFS=$'\n' read -a array
do
   tabgroup=( "${tabgroup[@]}" "$array" )
   igroup=$((igroup+1))
done <<< "$testgroup"
IFS=$oldifs

# recherche dans les groupes si l'utilisateur est présent
# si présent on monte le lecteur correspondant au groupe
a=0
for i in "${tabgroup[@]}"
do
   tabgroup[$a]=$(echo "${tabgroup[$a]}" | tr ' ' '_' )
   tabgroupexcl[$a]=$(echo "${tabgroupexcl[$a]}" | tr ' ' '_' )
   
   if test "${tabgroup[$a]}" != "${tabgroupexcl[$a]}"
   then
      tabgroupresult[$a]=$( echo "${tabgroup[$a]}")
      listusersgroup[$a]=$(samba-tool group listmembers "${tabgroup[$a]}")
      if test "${listusersgroup[$a]}" = "$1"
      then
         echo "net use /persistent:no * \\\\$machine\\${tabgroup[$a]}" >>/var/lib/samba/sysvol/nom_de_domaine/scripts/"$1".bat
      fi
   fi
   tabgroup[$a]=$(echo "${tabgroup[$a]}" | tr '_' ' ' )
   tabgroupexcl[$a]=$(echo "${tabgroupexcl[$a]}" | tr '_' ' ' )
   a=$((a+1))
done

# récupération uid user
struid=$(wbinfo -i "$1")
uid=$(echo "$struid" | cut -d ":" -f 3)

#conversion format dos
unix2dos /var/lib/samba/sysvol/nom_de_domaine/scripts/"$1".bat

# droits sur le fichiers pour l'utilisateur
chown "$uid":users /var/lib/samba/sysvol/nom_de_domaine/scripts/"$1".bat
chmod +x /var/lib/samba/sysvol/nom_de_domaine/scripts/"$1".bat

exit 0
I could have done it via GPO but it requires me to have a position in the field with RSAT tools to create a GPO (or maybe it's possible now with Samba4 but I don't know how ^^).

Currently I manage my users and groups with scripts that use samba-tool so I can manage remotely and on the server.
My plan is to later create a simplified web interface to manage all of this with scripts.
High
User avatar
MaxDagoba
Messages: 5
Registration: Sep 08, 2016 - 10:57

September 12, 2016 - 12:43

Well, after a few more tests, it seems to be coming from my Windows 10 (version 14393.105).
I tested it on Windows 8.11 and it works perfectly, no duplicate drives.
I'll have to test it with a clean Windows 10 installation (without any updates) to see if the problem is with the system itself or caused by an update.
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

September 13, 2016 - 7:52 PM

In the "crappy solution" category, :D

you can fix the drive letter in your script.

If, for example, Z:\ is already taken, then it won't create a second drive.

Not an elegant solution, but hey, it works.
High
User avatar
MaxDagoba
Messages: 5
Registration: Sep 08, 2016 - 10:57

September 13, 2016 - 8:02 PM

Yes, I know, but that's not the goal right now.

Once I've created a web interface to manage everything, I'll make a module to assign a drive letter to a reader.

For now, my script is a bit basic.
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

September 13, 2016 - 10:36 PM

Another thing:

Aren't the two of them redundant?

Code: Select all

logon script = %U.bat
And

Code: Select all

--script-path="user.bat"
Simon
High
User avatar
MaxDagoba
Messages: 5
Registration: Sep 08, 2016 - 10:57

September 13, 2016 - 11:26 PM

If.
But I have the impression that
logon script = %U.bat
Is taken into account second or not at all.
I'll have to test that more closely too ^^
High
claricia68
Messages: 1
Registration: March 13, 2018 - 08:51

March 13, 2018 - 08:52

MaxDagoba wrote: September 12, 2016 - 12:43 PM Well, after a few more tests, it seems to be coming from my Windows 10 (version 14393.105).
I tested it on Windows 8.11 and it works without any problems, no duplicate drives.
I'll have to test it with a Windows 10 without any updates to see if it's a system issue or caused by an update.
But the big question is, if we use open-source software, can we still use it? Like me on Linux.
High
Locked

Return to "Tips and Tricks"


  • To go further with WAPT