This is a excerpt of the list "email@example.com" - i think this
would be very useful for sysadmins :-))
On Thu, Sep 18, 2003 at 12:11:10PM +0200, firstname.lastname@example.org wrote:
> I create all logon script on the fly from ldap. I created a little schema
> with a script attribute and there I put all DOS-batch commands. At logon
> time (preexec in [netlogon]) for every user all script-parts for the
> groups the user belongs to, the room-script (rooms associate to IPs) for
> the printer connection and at last the script from the user-entry if there
> is any script attribute are taken from ldap. It doesn't take much CPU
> power and works since half a year without any faults.
> I anything does not work ("Can't print!") I can still examine the batch-file.
The idea of putting the scripts in the ldap-dir is good :-)
I saw the implementation of this on a novell-netware server.
They have also a LDAP-server for managing their user-accounts,
organized as trees, which have notes of locations, division and
On every hierarchical-level you are able to define logon-skripts.
If a user does a login, the several skripts at the different levels
are merged together.
I this is would be also a great oppertunity for mananging samba-domains.
Through the dn it is easyly possible to get the informations, and
to merge the logon-scripts.
Maybe the standard samba-schema could be extented with that attribute ?
A script, maybe written in perl, could be executed as pre-exec,
and can create the logon-script on-the-fly.
But which logon-parameters could be used at the logon.
Do I get the full dn ?
interesting idea. maybe later.