Topic: Kixtart Win9x clients - map by groups...

[John Davey]

Hello,

I have approximately 50 users in an existing NT 4.0 PDC environment (Our Corporate location). All users run WIN98 (a few Win95 left but they are going away). I have used SME in 10 of our satellite locations (average 6 users per location) with wonderful results - well except the lack of a journaling file system!!!

I have been attempting to use Kixtart to take advantage of drive mappings by groups in logon scripts, but without success. Currently with our NT PDC, I have about 10 different logon scripts that I have setup for various users that apply drive mappings by group membership.

Particularly, I am having trouble with the IF INGROUP statement in kixtart.kix which is called from netlogon.bat. If I set the INGROUP variable to equal 0 then it maps everything regardless of group membership (because it is a local group I am guessing).

Anyone have any success mapping shares based on group membership with Kixtart SME and WIN9x clients?

Thanks!
John.

Here is an example of Netlogon.bat, and kixtart.kix.

**************************
netlogon.bat
**************************
echo off
net time \h200 /set /yes

rem   mapping drives for all users

net use f: \hosnetnas\f /y
net use g: \hosnetnas\g /y
net use h: \hosnetnas\h /y
net use l: \hosnetnas\l /y
net use m: \hosnetnas\m /y
net use n: \hosnetnas\n /y
net use o: \hosnetnas\agena /y
net use p: /home /yes
net use q: \hosnetnas\quotes /y

@ECHO OFF
if "%PROCESSOR_ARCHITECTURE%"=="" goto 9x
:NT
kix32.exe
:9x
%0\..\kix32.exe

*****************************************
*****************************************
kixtart.kix
*****************************************
; Accounting Secure Users I Drive Map
IF INGROUP("sec_acct") = 0 RUN net use i: \h200\sec_acct
ENDIF

; CADDTP Users K Drive Map
IF INGROUP("caddtp") = 0 RUN net use k: \hosnetnas\k
ENDIF

; Remote S Drive Map
IF INGROUP("remote") = 0 RUN net use s: \hosnetnas\s
ENDIF

; Users DLH V Drive Map
IF INGROUP("mapdave") = 0 RUN net use i: \h200\daveh
ENDIF

; Printer Map================================================

; Suite 3 LaserJet
IF INGROUP("suite3") = 0 RUN net use lpt1: \h200\suite3lj
ENDIF

; Suite 5 LaserJet
IF INGROUP("suite5") = 0 RUN net use lpt1: \h200\suite5lj
ENDIF

; Suite 6 LaserJet
IF INGROUP("suite6") = 0 RUN net use lpt1: \h200\suite6lj
ENDIF

; MC Sales LaserJet
IF INGROUP("salesprt") = 0 RUN net use lpt1: \h200\saleslj
ENDIF

; Customer Service LaserJet
IF INGROUP("custprt") = 0 RUN net use lpt1: \h200\custlj
ENDIF

; Accounting LaserJet
IF INGROUP("act_prt") = 0 RUN net use lpt1: \h200\acctlj
ENDIF

; Accounting Check LaserJet
IF INGROUP("checkprt") = 0 RUN net use lpt1: \h200\actchklj
ENDIF

; Preferred LaserJet
IF INGROUP("prefprt") = 0 RUN net use lpt1: \h200\preflj
ENDIF

; Training Room LaserJet
IF INGROUP("trainprt") = 0 RUN net use lpt1: \h200\trainlj
ENDIF

[Nathan Fowler]

I do a lot of work in Kixtart, if you look at your INGROUP function you are saying "If not INGROUP".  You're mapping drives based on "The user is not a member of a group with this name. You can simply use:

IF INGROUP("caddtp")
   use k: \hosnetnas\k
ENDIF

I"m not sure why you are shelling out to the net.exe function and not using the KixTart "use" equlivent.

Hope this helped,
Nathan

[Bart]

Might be wise to take a look at this contrib:

ftp://ftp.e-smith.org/pub/e-smith/contrib/DanielvanRaay/RPMS/noarch/e-smith-loginscript-0.2-2.noarch.rpm

Did only find rpm-info on the previous version:
http://www.e-smith.org/contrib/rpm-index/RPM-e-smith-loginscript-0.1-1.src.html

Seems to provide all you use, without having to use KixStart.

Bart

[John Davey]

Nathan, thanks for the response. I specified the INGROUP = 0 variable because when I use your example of

IF INGROUP ("caddtp")
use k: \hosnetnas\k
ENDIF

nothing maps (either by calling the Kix USE function, or by calling the NET.EXE function). My understanding was that Kix relies on NT Global Group membership and not local membership. I thought that the = 0 variable specifies local group membership.

I also suspect that for the INGROUP statement to work with WIN9x clients, then you would need to run the Kix RPC service - which I thought only runs as an NT Service. Is this correct?

Thanks again
John.

[Nathan Fowler]

I'm not really sure about the RPC service on the 98X clients, my experience with KixTart is rather limited to NT environments only (thankfully) so I don't know where to point you with that one, I'm sure it's in the installation guide.

The ingroup() function will return the following:
0 - This user is not a member of a group with this name.
1 - This user is a member of a global group with this name;.
2 - This user is a member of a local group with this name.

So, if you are detecting local group memberships you should:
IF INGROUP("MYGROUP") = 2
  USE * "\MYSERVER\MYSHARE"
ENDIF

If this sounds rude, please don't take it that way at all.  I'm not here to blast you or anyone else, only to help, but I believe you will find the KixTart manual VERY helpful, I use it as a reference regularly.  Again, this isn't an "RTFM" response.

Nathan

[John Davey]

Nathan,

RTFM is never rude... just a statement of common sense. When I reviewed the Kixtart docs, it seemed to indicate that RPC was required for INGROUP to function correctly for WIN9x clients.

However I have seen several posts in the KixTart.org bulletin boards that seem to indcate other wise. Here is a snippet from a thread entitled ": Once and for all - IF INGROUP on 9X?"

1******************************************
*******************************************
Is it possible to successfully utilize the INGROUP command to identify group memberships on Win 9X clients, WITHOUT having to run KIXRPC?

2*****************************************
According to email from Ruud the Win9x should be able to decern GLOBAL groups without KXRPC.


3*****************************************
According to an email I got from Ruud, he says you can identify all group membership except local group membership...

I would take that to mean that GLOBAL groups will work (maybe even UNIVERSAL), but NT Member Servers that have their own local groups can not be resolved by a Windows 9x system without the KXRPC service.

******************************************
******************************************

So has anyone has been able to get INGROUP to work with WIN9x clients and SME as the PDC? Are Group Memberships on SME 5.1.2 considered local or global?

Thanks for the help Nathan.

[Steven Curren]

I also had difficulity getting kixstart to generate group drive mappings for windows98 boxes.

What I did was to write a perl script that spooled/created a netlogin.bat, ran it on logon and deleted it afterwards.

The perl script is run via the root preexec. It runs when a connection is made to the share (%U translates to the user name, thus username.bat is created when the connection is run). This creates the batch file and the root postexec deletes the file afterwards.

It requires some maintenance, to account for adding shares, but I have found it to work well.


============= snip from /etc/smb.conf ===========
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = yes
writable = yes
browseable = no
root preexec = /home/netlogon/genlogon.pl %U %L
root postexec = rm /home/netlogon/%U.bat

===== code of perl script to create the username.bat file ======


#!/usr/bin/perl
#
# genlogon.pl
#
# Perl script to general user logon scripts on the fly, when users connect
# from windows clients. This script should be called from smb.conf with
# the following paramaters:
#    %U - User Name
#    %L - Server Name
# ie root preexec = genlogon.pl %U %L
#
# The script will perform the following:
# 1. Log the user connection to /val/log/samba/netlogon.log
# 2. Set the client workstation to the Linux server time
# 3. Connect the user's home drive to H
# 4. Connect the common drives (I, S)
# 5. Connect the group specific drives (H, I, X, L, M)
# 6. Connect the network printers
#
#log client connection
($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
open LOG,">>/var/log/samba/netlogon.log";
print LOG "$mday/$mon/$year $hour:$min:$sec - User $ARGV[0] logged into $ARGV[1]\n";
close LOG;

# get the groups a user is a member of
$Groups = groups $ARGV[0];

#start logon script generation
open LOGON, ">/home/netlogon/logon/$ARGV[0].bat";
print LOGON "::\@echo off\r\n";

print LOGON ":: Group membership for $Groups\r\n";

#generate the common drive mappings (incl guest)
print LOGON "net time \$ARGV[1] /set /yes\r\n";
print LOGON "\r\n::Mapping for all logins\r\n";
print LOGON "net use i: \$ARGV[1]\winapps\r\n";
print LOGON "net use s: \$ARGV[1]\documents\r\n";

#generate drive mapping for the Staff group
if ($Groups=~/staff/i)
{
        print LOGON "\r\n::Mapping for the Staff group\r\n";
        print LOGON "net use h: \$ARGV[1]\$ARGV[0]\r\n";
        print LOGON "\r\n::Mapping for the Electrac group\r\n";
        print LOGON "net use l: \$ARGV[1]\electrak\r\n";
}

#generate drive mapping for the Admins group
if ($Groups=~/admins/i)
{
        print LOGON "\r\n::Mapping for the Admins group\r\n";
        print LOGON "net use x: \$ARGV[1]\backups\r\n";
}

#generate the drive mapping for the intranet group
if ($Groups=~/intranet/i)
{
        print LOGON "\r\n::Mapping for the Intranet group\r\n";
        print LOGON "net use n: \$ARGV[1]\Intranet\r\n";
}

#logon script generation complete, closing the output file
close LOGON;

[jose velez]

I install the rpm on the new SME 5.5 and it works perfect and much better than Kixtart and is e-smith native.  Great work for Daniel and thank you for pointing to it.