Support per user logon scripts
Once PDC is selected, allow for global or per user logon scripts. For the former it remains:
logon script = logon.bat
For per user it becomes:
logon script = %U.bat
#1 Updated by rgmhtt over 10 years ago
When per user login is enabled create %U.bat files for all current users with the content of:
This makes for a 'default' logon mode. Without these files a user only gets their home directory.
Also modify the add user function to create teh %U.bat default file for this mode.
Note there is the concept of user groups with PDC and group logins, but I don't see the need to add this at this time.
#3 Updated by rgmhtt over 10 years ago
If they do not exist create them. That is do not override what an admin may have pre-created.
I have created them all from root, they have global read permissions and are working well. Some are customized for the user, others just have the default content.
ls /var/hda/domain-settings/netlogon/1 root root 412 2010-10-22 07:48 abba.bat
rw-r--r-1 root root 288 2010-10-28 14:23 avrahama.bat
rw-r--r-1 root root 340 2010-10-28 14:26 esther.bat
rw-r--r-1 root root 288 2010-10-28 14:24 ezra.bat
rw-r--r-1 root root 415 2010-10-27 17:57 imma.bat
rwxrwxr-x 1 apache users 288 2009-07-25 01:07 logon.bat1 root root 288 2010-10-28 14:24 sarah.bat
My feeling is don't delete them if the user is deleted. I am not sure about this. Do you delete the Unix account completely? If so, then perhaps delete the logon file as well.
#4 Updated by cpg over 10 years ago
Here is a possible fix. username.bat files are created when a user is created, from the logon.bat.
They are never deleted them. Let's see if that works:
#6 Updated by rgmhtt over 10 years ago
Here are my observations.
I did not test this on a server NOT configured as a PDC, so I don't know if it behaves properly there (no .bat file created).
I see that you opted for %U.bat as the PDC mode. That is OK in my book. I think this will be better for most PDC users.
I tested creating and then deleting a user. It operated well. I did note two things. First is minor about permissions. I get:
4 -rwxrwxr-x 1 apache users 288 2010-11-01 08:53 test1.bat
with the file name coloured green, and I don't understand the file colour schemes. But the permissions are more than needed:
rw-r--r- 1 root root 288 2010-10-28 14:24 ezra.bat
In fact, I would NOT want any user to be able to edit a login script. This caused me to look at /etc/group and I see that group users is ONLY apache and the userID I initially created for the system. None of the users I created with the Amahi interface show as being in group users. Should there be an smbadmin group in the so far non-existent /etc/smb/smbusers file? I will submit this as a separate bug after I research this aspect more.
THe second note is that each user.bat is a full copy of logon.bat. This makes it challenging to change default logon. I would recommend that the user.bat files only have:
in them (with comments). I think this works relative and you don't need pathing information. But I might be wrong. The advantage of this is if the admin wants to add a share to for all users, he only needs to edit logon.bat, rather than all the user.bat files.
#7 Updated by cpg over 10 years ago
I would recommend that the user.bat files only have: logon.bat in them (with comments)
i dunno what "comments" can be put there. this version generates the above ... just logon.bat in it:
#8 Updated by cpg over 10 years ago
logon.bat is now root:root and permissions 644 with that rpm above
None of the users I created with the Amahi interface show as being in group users.
hmm? all users are created under the 'users' group automatically
$ groups test1 test1 : users
#9 Updated by rgmhtt over 10 years ago
- rpm -Uvh http://alpha.amahi.org/tmp/hda-platform-5.6-3.noarch.rpm
curl: (22) The requested URL returned error: 404
error: skipping http://alpha.amahi.org/tmp/hda-platform-5.6-3.noarch.rpm - transfer failed
And for possible comment:
- Initial content generated by Amahi, can be safely customized by Admin
#10 Updated by cpg over 10 years ago
latest is this:
#11 Updated by rgmhtt over 10 years ago
OK this works.
I do have to modify the share.rb as per bug 656 (I use h: for my home share and q: for Quicken:) ).
One thing I noticed when deleting a user. You delete /home/user but not /var/hda/domain-settings/profiles/user
I will have to research this, but I think it is best to delete it too.
Also available in: Atom