[PATCH] Terminal Profile Path settings
yohann.fourteau at aitb.org
Sat Feb 28 23:16:39 GMT 2004
Well, in W2000, the settings are not stored in AD but in the SAM.
The userparameters attribute which contains a unicode string :
PCtxCfgPresent㔵攱戰ぢCtxCfgFlags1〰〷㠲〹CtxCallback〰〰〰〰CtxShadow〰〰〰CtxMaxConnectionTime〰〰〰〰CtxMaxDisconnectionTime〰〰〰〰CtxMaxIdleTime〰〰〰〰CtxKeyboardLayout〰〰〰 〰*CtxMinEncryptionLevel CtxWorkDirectory〰 CtxNWLogonServer〰CtxWFHomeDir〰"CtxWFHomeDirDrive〰 CtxWFProfilePath〰"CtxInitialProgram〰"CtxCallbackNumber〰
doesn't contain the whole information.
If you try to change the terminal profile path in the TSE usrmgr.exe (or
in the mmc), the attribute won't really change.
That behaviour change in W2003 (fully LDAP).
It's all that I know...
Le sam 28/02/2004 à 20:49, Alberto Patino a écrit :
> On Sat, 2004-02-28 at 04:53, Andrew Bartlett wrote:
> > On Sat, 2004-02-28 at 21:49, Yohann Fourteau wrote:
> > > Le sam 28/02/2004 à 00:17, Andrew Bartlett a écrit :
> > > > On Sat, 2004-02-28 at 03:35, Simo Sorce wrote:
> > > > > Hello Yohann,
> > > > > just recently a nice contributor helped us to introduce some support for
> > > > > the terminal server settings.
> > > > > They are just a blob of options filled into the former munged dial
> > > > > parameter.
> > > > > We emulated the same thing in our SAM so you will find out these
> > > > > informations are a blob of data base64 encoded in the munged dial
> > > > > parameter in the SAM (ldapsam, tdbsam) once you set them with a terminal
> > > > > server aware usrmgr.exe from a windows workstation.
> > > >
> > > > Given that there are 'user paramters' in this blob that people want to
> > > > set with our tools, should we consider splitting them up into LDAP?
> > > >
> > > > I know this has risk, but being able to set
> > > > sambaTermainlServerProfilePath in LDAP 'directly' would be very useful.
> > > >
> > > > How does TSE identify what strings are what in that blob?
> > >
> Based on net ads user and net ads dn I create a library to add users in
> Active Directory (AD). One important thing to us was to be able to set
> the userParameters attribute also in AD.
> The tscmd.exe tool send a RPC call with the a UNICODE blob? but the BLOB
> returned by a LDAP query to AD returns a chunk of 470 bytes . (Same as
> tscmd.exe with no 0x00 prefix for each byte). When I create an
> SAMAccountPerson in AD I added the userParameters attribute using
> ldap_add with the replica I got from the raw ldap_search() query done by
> net ads dn.
> What I have done is very primitive: I set the TS values from the Active
> Directory User an Computers (Usrmgr.exe ?) with the values I want to set
> then I use the net ads dn to get the blob for the userParameters value
> and then I capture this blob and I add the same blob with LDAP.
> However I didn't get any clue to parse the userParameters blob. I tried
> to figure out how to handle this chunck of bytes with the TS parameters
> but I couldn't.
> char userParametersUTF8 =
> /* ==> In the following line the second and third */
> /* byte could have the following values */
> /* Connect client drivers at logon (a) */
> /* 0x80,0xb9 */
> /* Connect client printers at logon (b) */
> /* 0x80,0xb5 */
> /* Default to main client printer (c) */
> /* 0x80,0xb3 */
> /* Environment Tab - Window Properties A */
> /* No options set: */
> /* 0x80,0xb1 */
> /* All options set: */
> /* 0x81,0xa6 */
> /* Other combination */
> /* a + b = 0x81,0xa4 */
> /* a + c = 0x81,0xa2 */
> /* a + b + c = 0x81,0xa6 */
> /* b + c = 0x80,0xb7 */
> > > I understand why I didn't find what I want in the code :) Now I know.
> > >
> > > Maybe we can manipulate the blob in the attribute. I have to make a user
> > > interface in LDAP/php to set that kind of parameters. Is there a
> > > documentation about filling that attribute manualy (I just need the
> > > syntax) ? (If not I will look at the code :).
> > No, that is my point. We currently don't touch the internals of that
> > blob - we just get and set that value, as per what the MS client
> > requests. You would need to work out the syntax.
> > Simo also had some other bugs he tripped across in this area, so keep in
> > touch - we really do want this to work.
> > Andrew Bartlett
More information about the samba-technical