Topic: Remote share auto mount

[tad1214]

I have done some searching for this and most of it came up not even related to what I was searching for.

We have a freebsd server running samba and cups on it with a lot of files people use every day and with a good chunk of hard drive space (just a hair shy of 1 TB)

I want to know, is there a way I can have it setup so based off of their group, it will do a net use for their respective share

i.e. if the group was it
net use y: \\oak\it

if accounting
net use y: \\oak\accounting

so on and so forth.

also, is it possible for me to make everyones home drive on that server too? So basically the only thing the SME server will be for is authentication and log on scripts along with permissions.

i.e. user TDonnelly
net use z: \\oak\net_drive\TDonnelly

if permissions can be set even better!

[mmccarn]

Download the Windows Server 2003 Resource Kit Tools and install it on any of your workstations.

If you use the default installation options, you will now have c:\Program Files\Windows Resource Kits\Tools\ifmember.exe that (on a windows network, anyway!) will test for group membership and can be used in batch files like this:

Re: Login Script group membership - Richard Mueller [MVP]
28-Jun-07 01:27:48

This link explains how to use IfMember:

http://www.microsoft.com/technet/archive/winntas/tips/winntmag/grlogon.mspx?mfr=true

The utility returns errorlevel 1 if the user is a member of the group (or
groups, you can list several). You need to use GoTo statements. For example:

IfMember TestGroup1
if not errorlevel 1 goto step2
rem following 2 mappings done only if user member of TestGroup1.
net use K: "\\servername\groups"
net use P: "\\servername\Apps"

step2:
IfMember "domain admins"
if not errorlevel 1 goto step3
rem drive I: is mapped only if member of "Domain Admins".
net use I: "\\servername\it

step3:

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net

You can find out if ifmember will work for you on a SME domain by running ifmember /l.  If any of your SME groups are listed in the output, you're all set.

As for the "home" drive - you can easily map a drive to any location that includes the logon user name using:

Code: [Select]

net use \\oak\%username%%username% will be expanded to the current user's name during (or after) login.  However, to make this a user's "home" drive, you need to set this as the home drive in the account properties on the server (easy on Windows, I-dont-know-how on SME)

So, maybe something like this:[list=a]

• download and install rktools on one system
• copy ifmember.exe to \\smeserver\netlogon
• add these lines to your login script:

Code: [Select]

\\smeserver\netlogon\ifmember "SMEDomain\it"
if errorlevel 1 net use y: \\oak\it

\\smeserver\netlogon\ifmember "SMEDomain\accounting"
if errorlevel 1 net use y: \\oak\accounting

net use h: \\oak\%username%[/list:o]

This, of course, will give you trouble if anyone is a member of two groups...  I usually use a different drive letter for each group...

Permissions are not set in the login script -- what permissions do you need to set, and is your freebsd box a member of your samba domain?

[tad1214]

As of right now the samba server is a stand alone file server that everyone has access too. I just want to make it so that people can only view/edit their own home folders and groups can only view/edit their groups folders.

Just trying to start making things secure here. It is amazing how much damage one disgruntled employee can do right now. (Not my doing )

[kruhm]

"I want to know, is there a way I can have it setup so based off of their group, it will do a net use for their respective share"

yes. install the contrib loginscript contrib:
http://mirror.contribs.org/smeserver/contribs/jbennett/sme7/loginscript/RPM/smeserver-loginscript-0.2-8.noarch.rpm