Project

General

Profile

Feature #657

Support per user logon scripts

Added by rgmhtt almost 11 years ago. Updated almost 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
-
Target version:
-
Start date:
10/21/2010
Due date:
% Done:

100%


Description

Once PDC is selected, allow for global or per user logon scripts. For the former it remains:

logon script = logon.bat

For per user it becomes:

logon script = %U.bat

History

#1 Updated by rgmhtt almost 11 years ago

When per user login is enabled create %U.bat files for all current users with the content of:

logon.bat

This makes for a 'default' logon mode. Without these files a user only gets their home directory.

Also modify the add user function to create teh %U.bat default file for this mode.

Note there is the concept of user groups with PDC and group logins, but I don't see the need to add this at this time.

#2 Updated by cpg almost 11 years ago

if these are editable by someone, is that not an issue if we generate them automatically?

or is a better rule that the system only generate them if each does not exist?

same thing with removing - ie. do not remove?

#3 Updated by rgmhtt almost 11 years ago

If they do not exist create them. That is do not override what an admin may have pre-created.

I have created them all from root, they have global read permissions and are working well. Some are customized for the user, others just have the default content.

  1. ls ls /var/hda/domain-settings/netlogon/
    total 44
    4 -rw-r--r-
    1 root root 412 2010-10-22 07:48 abba.bat
    4 rw-r--r- 1 root root 288 2010-10-28 14:23 avrahama.bat
    4 rw-r--r- 1 root root 340 2010-10-28 14:26 esther.bat
    4 rw-r--r- 1 root root 288 2010-10-28 14:24 ezra.bat
    4 rw-r--r- 1 root root 415 2010-10-27 17:57 imma.bat
    4 rwxrwxr-x 1 apache users 288 2009-07-25 01:07 logon.bat
    4 -rw-r--r-
    1 root root 288 2010-10-28 14:24 sarah.bat

My feeling is don't delete them if the user is deleted. I am not sure about this. Do you delete the Unix account completely? If so, then perhaps delete the logon file as well.

#4 Updated by cpg almost 11 years ago

Here is a possible fix. username.bat files are created when a user is created, from the logon.bat.

They are never deleted them. Let's see if that works:

http://alpha.amahi.org/tmp/hda-platform-5.6-2.noarch.rpm

#5 Updated by cpg almost 11 years ago

  • Status changed from New to Feedback
  • Assignee set to rgmhtt

#6 Updated by rgmhtt almost 11 years ago

Here are my observations.

I did not test this on a server NOT configured as a PDC, so I don't know if it behaves properly there (no .bat file created).

I see that you opted for %U.bat as the PDC mode. That is OK in my book. I think this will be better for most PDC users.

I tested creating and then deleting a user. It operated well. I did note two things. First is minor about permissions. I get:

4 -rwxrwxr-x 1 apache users 288 2010-11-01 08:53 test1.bat

with the file name coloured green, and I don't understand the file colour schemes. But the permissions are more than needed:

4 rw-r--r- 1 root root 288 2010-10-28 14:24 ezra.bat

In fact, I would NOT want any user to be able to edit a login script. This caused me to look at /etc/group and I see that group users is ONLY apache and the userID I initially created for the system. None of the users I created with the Amahi interface show as being in group users. Should there be an smbadmin group in the so far non-existent /etc/smb/smbusers file? I will submit this as a separate bug after I research this aspect more.

THe second note is that each user.bat is a full copy of logon.bat. This makes it challenging to change default logon. I would recommend that the user.bat files only have:

logon.bat

in them (with comments). I think this works relative and you don't need pathing information. But I might be wrong. The advantage of this is if the admin wants to add a share to for all users, he only needs to edit logon.bat, rather than all the user.bat files.

#7 Updated by cpg almost 11 years ago

I would recommend that the user.bat files only have: logon.bat in them (with comments)

i dunno what "comments" can be put there. this version generates the above ... just logon.bat in it:

http://alpha.amahi.org/tmp/hda-platform-5.6-3.noarch.rpm

without comments.

#8 Updated by cpg almost 11 years ago

new release:

http://alpha.amahi.org/tmp/hda-platform-5.6-4.noarch.rpm

logon.bat is now root:root and permissions 644 with that rpm above

None of the users I created with the Amahi interface show as being in group users.

hmm? all users are created under the 'users' group automatically

$ groups test1
test1 : users

#9 Updated by rgmhtt almost 11 years ago

  1. rpm -Uvh http://alpha.amahi.org/tmp/hda-platform-5.6-3.noarch.rpm
    Retrieving http://alpha.amahi.org/tmp/hda-platform-5.6-3.noarch.rpm
    curl: (22) The requested URL returned error: 404
    error: skipping http://alpha.amahi.org/tmp/hda-platform-5.6-3.noarch.rpm - transfer failed

And for possible comment:

  1. Initial content generated by Amahi, can be safely customized by Admin

#10 Updated by cpg almost 11 years ago

#11 Updated by rgmhtt almost 11 years ago

OK this works.

I do have to modify the share.rb as per bug 656 (I use h: for my home share and q: for Quicken:) ).

One thing I noticed when deleting a user. You delete /home/user but not /var/hda/domain-settings/profiles/user

I will have to research this, but I think it is best to delete it too.

#12 Updated by Anonymous almost 11 years ago

  • Status changed from Feedback to Closed
  • % Done changed from 0 to 100

Applied in changeset commit:"1ba1ed38f1a5abd40d620f0b0ba3d69262ddb457".

Also available in: Atom