Topic: Prevent Concurrent Logins

[CH Cheah]

Has anyone found a successfull way to prevent users from loging in more than once with same account, while not restricting them to a fixed pc ? A script perhaps ?

The SME in use is 5.6 and used as a PDC

[pwalter]

This can be accomplished by using a policy file. See the link for nt-policy-samba.zip on http://www.nyetwork.org/wiki/Samba

[Anonymous]

But doesn't a policy run on the Windows box?

However you get it sorted, try to set inactivity timeouts sensibly. I used to prevent concurrent logins on Netware. Worked well, but if a PC crashed it could take up to 5 minutes before Netware automatically cleared the connection - during which time the user could not log back in

[CH Cheah]

Will try to digest the info. Thanks.

[bavel]

I have exactly the same problem running SME 6 and Windows XP clients, using roaming profiles. Preventing concurrent logins can (logically) only be done at SME level when the user logs in; I do not believe that changing anything in the policy of a client pc will do any good. The question is: what needs to be changed in smb.conf or anywhere else in SME to make this work?

[Anonymous]

Found the following after searching.

Quot

It has been said that some form of control can be implemented by modifying the netlogon file.

specify in your netlogon share:

root preexec = somecontrolscript
root preexec close = yes

and in somecontrolscript with the help of smbstatus you could check if there is any connection made by that user.

However there are some side effects, the unreliability of windows clients
(e.g. keeping open connections, to various services, blocked clients, etc.) could cause you lots of problems.

EndQuot

Anyone who has sucessfully implemented this method ?