Hi ! This is a excerpt of the list "samba@lists.samba.org" - i think this would be very useful for sysadmins :-)) Best regards Marc Schoechlin -------------------------------------------------------- On Thu, Sep 18, 2003 at 12:11:10PM +0200, mamue@lb-bbs1.emd.ni.schule.de wrote: > I create all logon script on the fly from ldap. I created a little schema > with a script attribute and there I put all DOS-batch commands. At logon > time (preexec in [netlogon]) for every user all script-parts for the > groups the user belongs to, the room-script (rooms associate to IPs) for > the printer connection and at last the script from the user-entry if there > is any script attribute are taken from ldap. It doesn't take much CPU > power and works since half a year without any faults. > I anything does not work ("Can't print!") I can still examine the batch-file. The idea of putting the scripts in the ldap-dir is good :-) I saw the implementation of this on a novell-netware server. They have also a LDAP-server for managing their user-accounts, organized as trees, which have notes of locations, division and users. On every hierarchical-level you are able to define logon-skripts. If a user does a login, the several skripts at the different levels are merged together. I this is would be also a great oppertunity for mananging samba-domains. Through the dn it is easyly possible to get the informations, and to merge the logon-scripts. Maybe the standard samba-schema could be extented with that attribute ? A script, maybe written in perl, could be executed as pre-exec, and can create the logon-script on-the-fly. But which logon-parameters could be used at the logon. Do I get the full dn ?
interesting idea. maybe later.