[Samba] Re: More than one logon script, can I have?
mamue at lb-bbs1.emd.ni.schule.de
mamue at lb-bbs1.emd.ni.schule.de
Fri Sep 19 09:14:25 GMT 2003
> Hi !
>
> On Thu, Sep 18, 2003 at 12:11:10PM +0200, mamue at lb-bbs1.emd.ni.schule.de
> wrote:
>
>> I create all logon script on the fly from ldap. I created a little
>> schema
>> with a script attribute and there I put all DOS-batch commands. At logon
>> time (preexec in [netlogon]) for every user all script-parts for the
>> groups the user belongs to, the room-script (rooms associate to IPs) for
>> the printer connection and at last the script from the user-entry if
>> there
>> is any script attribute are taken from ldap. It doesn't take much CPU
>> power and works since half a year without any faults.
>> I anything does not work ("Can't print!") I can still examine the
>> batch-file.
>
> But which logon-parameters could be used at the logon.
>
> Do I get the full dn ?
No. I use the %u, %I, %m
%u is equal to uid, I map %I manually to the room. With the uid I get all
groups the user belongs to and, if you wish, the branch, he is in.
I tried perl for creating, but I switched very soon to C. Otherwise every
logon would start the perl interpreter. My binary from C-source is just
12488 bytes. The source is a ugly mess, since I am a java programmer...
but anyway, it works and I don't touch the source as long I can avoid it.
Again: I got my private OID from IANA and invented my own schema. These
objectClasses are added to every entry concerned (all posixGroup e.g.)
Malte Müller
More information about the samba
mailing list