[PATCH] Terminal Profile Path settings

Thu Feb 26 14:39:32 GMT 2004

Hi,


In a Terminal Server environment, there are two profile paths :
- the classic profile path 
- the profile path for the TSE 

Samba in its PDC role knows only the first one.


I've made a workarround for the ldap backend.

With two new directives in the configuration :
terminal servers
terminal logon path

And a new attribut in the LDAP samba account : 
sambaTerminalProfilePath

It's not an implementation of the microsoft terminalprofilepath setting
just a workarround to have a different profile path on terminal servers.
If the client machine is in the "terminal servers" list, the profile path
is taken from the sambaTerminalProfilePath attribut of the ldap samba account
or in the "terminal logon path" setting by default (and not from the 
sambaProfilePath or the "logon path" setting).


I know it's not the microsoft behaviour but I have terminal servers and without
that patch I can't use Samba (I have no roaming profiles for workstation users
and for the same users I have a Citrix environnement with a profile...).


---------------------------------
diff -Nru ../samba-3.0.2-ori/source/include/smbldap.h source/include/smbldap.h

--- ../samba-3.0.2-ori/source/include/smbldap.h	Tue Jan  6 22:08:39 2004
+++ source/include/smbldap.h	Wed Feb 18 11:42:56 2004
@@ -91,6 +91,7 @@
 #define LDAP_ATTR_BAD_PASSWORD_COUNT	35
 #define LDAP_ATTR_LOGON_COUNT		36
 #define LDAP_ATTR_MUNGED_DIAL		37
+#define LDAP_ATTR_TERMINAL_PROFILE_PATH		60
 
 typedef struct _attrib_map_entry {
 	int		attrib;
diff -Nru ../samba-3.0.2-ori/source/lib/smbldap.c source/lib/smbldap.c
--- ../samba-3.0.2-ori/source/lib/smbldap.c	Tue Jan  6 22:08:39 2004
+++ source/lib/smbldap.c	Thu Feb 26 09:55:59 2004
@@ -88,6 +88,7 @@
 	{ LDAP_ATTR_HOME_PATH,		"sambaHomePath"		},
 	{ LDAP_ATTR_LOGON_SCRIPT,	"sambaLogonScript"	},
 	{ LDAP_ATTR_PROFILE_PATH,	"sambaProfilePath"	},
+	{ LDAP_ATTR_TERMINAL_PROFILE_PATH,	"sambaTerminalProfilePath"	},
 	{ LDAP_ATTR_DESC,		"description"		},
 	{ LDAP_ATTR_USER_WKS,		"sambaUserWorkstations"	},
 	{ LDAP_ATTR_USER_SID,		LDAP_ATTRIBUTE_SID	},
diff -Nru ../samba-3.0.2-ori/source/param/loadparm.c source/param/loadparm.c
--- ../samba-3.0.2-ori/source/param/loadparm.c	Mon Feb 16 15:39:58 2004
+++ source/param/loadparm.c	Wed Feb 18 12:03:51 2004
@@ -133,6 +133,8 @@
 	char *szUsernameMap;
 	char *szLogonScript;
 	char *szLogonPath;
+	char *szTerminalLogonPath;
+	char *szTerminalServers;
 	char *szLogonDrive;
 	char *szLogonHome;
 	char **szWINSservers;
@@ -1014,6 +1016,8 @@
 
 	{"logon script", P_STRING, P_GLOBAL, &Globals.szLogonScript, NULL, NULL,
FLAG_ADVANCED}, 
 	{"logon path", P_STRING, P_GLOBAL, &Globals.szLogonPath, NULL, NULL,
FLAG_ADVANCED}, 
+	{"terminal logon path", P_STRING, P_GLOBAL, &Globals.szTerminalLogonPath,
NULL, NULL, FLAG_ADVANCED}, 
+	{"terminal servers", P_STRING, P_GLOBAL, &Globals.szTerminalServers, NULL,
NULL, FLAG_ADVANCED}, 
 	{"logon drive", P_STRING, P_GLOBAL, &Globals.szLogonDrive, NULL, NULL,
FLAG_ADVANCED}, 
 	{"logon home", P_STRING, P_GLOBAL, &Globals.szLogonHome, NULL, NULL,
FLAG_ADVANCED}, 
 	{"domain logons", P_BOOL, P_GLOBAL, &Globals.bDomainLogons, NULL, NULL,
FLAG_ADVANCED}, 
@@ -1359,6 +1363,8 @@
 	/* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
 	string_set(&Globals.szLogonHome, "\\\\%N\\%U");
 	string_set(&Globals.szLogonPath, "\\\\%N\\%U\\profile");
+	string_set(&Globals.szTerminalLogonPath, "\\\\%N\\%U\\profile");
+	string_set(&Globals.szTerminalServers, "");
 
 	string_set(&Globals.szNameResolveOrder, "lmhosts wins host bcast");
 	string_set(&Globals.szPasswordServer, "*");
@@ -1646,6 +1652,8 @@
 FN_GLOBAL_STRING(lp_username_map, &Globals.szUsernameMap)
 FN_GLOBAL_CONST_STRING(lp_logon_script, &Globals.szLogonScript)
 FN_GLOBAL_CONST_STRING(lp_logon_path, &Globals.szLogonPath)
+FN_GLOBAL_CONST_STRING(lp_terminal_servers, &Globals.szTerminalServers)
+FN_GLOBAL_CONST_STRING(lp_terminal_logon_path, &Globals.szTerminalLogonPath)
 FN_GLOBAL_CONST_STRING(lp_logon_drive, &Globals.szLogonDrive)
 FN_GLOBAL_CONST_STRING(lp_logon_home, &Globals.szLogonHome)
 FN_GLOBAL_STRING(lp_remote_announce, &Globals.szRemoteAnnounce)
diff -Nru ../samba-3.0.2-ori/source/passdb/pdb_ldap.c source/passdb/pdb_ldap.c
--- ../samba-3.0.2-ori/source/passdb/pdb_ldap.c	Sat Jan 31 16:45:57 2004
+++ source/passdb/pdb_ldap.c	Thu Feb 26 15:20:36 2004
@@ -635,14 +635,38 @@
 		pdb_set_logon_script(sampass, logon_script, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct,
entry,
-			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PROFILE_PATH),
profile_path)) 
+/* 
+ * Read access of profile_path
+ * If the client is in the terminal servers list, 
+ * return LDAP_ATTR_TERMINAL_PROFILE_PATH attribut from the entry or 
+ * terminal logon path from the config file by default.
+ *
+ * If the client is not in the terminal servers list,
+ * return LDAP_ATTR_PROFILE_PATH attribute from the entry or 
+ * logon path from the config file by default.
+ * 
+ * */
+	if (!machine_in_list(get_remote_machine_name(), lp_terminal_servers()))
 	{
-		pdb_set_profile_path( sampass, 
-			talloc_sub_basic( sampass->mem_ctx, username, lp_logon_path()),
-			PDB_DEFAULT );
-	} else {
-		pdb_set_profile_path(sampass, profile_path, PDB_SET);
+		if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct,
entry,
+				get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PROFILE_PATH),
profile_path)) 
+		{
+			pdb_set_profile_path( sampass, 
+				talloc_sub_basic( sampass->mem_ctx, username, lp_logon_path()),
+				PDB_DEFAULT );
+		} else {
+			pdb_set_profile_path(sampass, profile_path, PDB_SET);
+		}
+	}else {
+		if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct,
entry,
+				get_userattr_key2string(ldap_state->schema_ver,
LDAP_ATTR_TERMINAL_PROFILE_PATH), profile_path)) 
+		{
+			pdb_set_profile_path( sampass, 
+				talloc_sub_basic( sampass->mem_ctx, username, lp_terminal_logon_path()),
+				PDB_DEFAULT );
+		} else {
+			pdb_set_profile_path(sampass, profile_path, PDB_SET);
+		}
 	}
 
 	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct,
entry, 
@@ -879,10 +903,27 @@
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_SCRIPT), 
 			pdb_get_logon_script(sampass));
 
-	if (need_update(sampass, PDB_PROFILE))
-		smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
-			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PROFILE_PATH), 
-			pdb_get_profile_path(sampass));
+/* 
+ * Write access of profile_path
+ * If the client is in the terminal servers list, 
+ * push profile path in the LDAP_ATTR_TERMINAL_PROFILE_PATH attribute in the
entry.
+ *
+ * If the client is not in the terminal servers list,
+ * push profile in the LDAP_ATTR_PROFILE_PATH attribute in the entry.
+ * 
+ * */
+	if (!machine_in_list(get_remote_machine_name(), lp_terminal_servers()))
+	{
+		if (need_update(sampass, PDB_PROFILE))
+			smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
+				get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PROFILE_PATH), 
+				pdb_get_profile_path(sampass));
+	} else {
+		if (need_update(sampass, PDB_PROFILE))
+			smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
+				get_userattr_key2string(ldap_state->schema_ver,
LDAP_ATTR_TERMINAL_PROFILE_PATH), 
+				pdb_get_profile_path(sampass));
+	}
 
 	slprintf(temp, sizeof(temp) - 1, "%li", pdb_get_logon_time(sampass));
 	if (need_update(sampass, PDB_LOGONTIME))
@@ -1348,6 +1389,34 @@
 			       enum pdb_elements element)
 {
 	return IS_SAM_CHANGED(sampass, element);
+}
+
+/* 
+ * Function which returns True if the machine name is in the list "list".
+ * 
+ * */
+BOOL machine_in_list(const char *machine,const char *list)
+{
+	const char *s;
+	BOOL p;
+	char *q;
+	int list_size;
+	if (!machine)
+		return False;
+	
+	if (!list)
+		return False;
+	
+	s = list;
+	list_size = (strlen(s) + 1) * sizeof(char);
+	q = malloc(list_size);
+	for (p = next_token(&s, q, LIST_SEP, (size_t) list_size); p; 
+			p = next_token(&s, q, LIST_SEP, (size_t) list_size)) {
+		if (!strcmp(q,machine))
+			return True;
+	}
+	return False;
+	SAFE_FREE(q);
 }
 
 /**********************************************************************
---------------------------------

-- 
Yohann F.
