Bug 477 - Feature Request - logon-skripts in ldapdir
Feature Request - logon-skripts in ldapdir
Product: Samba 3.0
Classification: Unclassified
Component: Build environment
All All
: P2 enhancement
: none
Assigned To: Gerald (Jerry) Carter
Depends on:
  Show dependency treegraph
Reported: 2003-09-18 23:28 UTC by Marc Schoechlin
Modified: 2005-02-08 06:59 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Marc Schoechlin 2003-09-18 23:28:03 UTC
Hi ! 
This is a excerpt of the list "samba@lists.samba.org" - i think this 
would be very useful for sysadmins :-)) 
Best regards 
Marc Schoechlin 
On Thu, Sep 18, 2003 at 12:11:10PM +0200, mamue@lb-bbs1.emd.ni.schule.de wrote: 
> I create all logon script on the fly from ldap. I created a little schema 
> with a script attribute and there I put all DOS-batch commands. At logon 
> time (preexec in [netlogon]) for every user all script-parts for the 
> groups the user belongs to, the room-script (rooms associate to IPs) for 
> the printer connection and at last the script from the user-entry if there 
> is any script attribute are taken from ldap. It doesn't take much CPU 
> power and works since half a year without any faults. 
> I anything does not work ("Can't print!") I can still examine the batch-file. 
The idea of putting the scripts in the ldap-dir is good :-) 
I saw the implementation of this on a novell-netware server. 
They have also a LDAP-server for managing their user-accounts, 
organized as trees, which have notes of locations, division and 
On every hierarchical-level you are able to define logon-skripts. 
If a user does a login, the several skripts at the different levels 
are merged together. 
I this is would be also a great oppertunity for mananging samba-domains. 
Through the dn it is easyly possible to get the informations, and 
to merge the logon-scripts. 
Maybe the standard samba-schema could be extented with that attribute ? 
A script, maybe written in perl, could be executed as pre-exec, 
and can create the logon-script on-the-fly. 
But which logon-parameters could be used at the logon. 
Do I get the full dn ?
Comment 1 Gerald (Jerry) Carter 2005-02-08 06:59:21 UTC
interesting idea.  maybe later.