Topic: netlogon scripts

[jabell]

I have set up a number of IBays for each department in the office; ie accounts / reception / engineering.

Being familiar with windows logon scripts where I can create logon scripts that map drives to specific users or groups of users, I can't see how this can be done with SME.   I can create a general script that maps a share, but that means people from other departments get mapped to say the 'finance' share when I want them to map to the engineering share.
Example: net use P: \\ahrcserver\finance
connects everyone to finance.
Is there a way to have a logon script connect a specific user or group to a share based on their logon name?
I guess I could set up their PCs to 're-connect drive' each time thay logon, but it means setting up every user manually, and a logon script would be better.
If anyone has some examples I could see then I reckon I could sort it out from there.
cheers
John Abell

[ReetP]

Search the forums for netlogon or netlogon.bat

The file can be accessed from a windoze box with \\yourservername\netlogon\netlogon.bat

Depending on your OS and how you set it up, it will run this file on when you login.

In your linux box look for
/home/e-smith/files/samba/netlogon/netlogon.bat

Loads of stuff on the net for the syntax in this file.

HTH

John

[ansentry]

THE FIX FOR SME LOGIN SCRIPT FOR 6.X.X.X

The contribution for login script does not work with 6.x but it can be fix with the ln command. Version 6 stores the netlogon in a /home/e-smith/files/samba/netlogon and ver. 5.6 stores it /home/netlogon. The fix for 6.x is the following

[root @sme6 root] # ln -s /home/e-smith/files/samba/netlogon /home/netlogon

You can download the RPM or do a search for it.

http://www.ibiblio.org/pub/linux/distributions/e-smith/contrib/DanielvanRaay/RPMS/noarch/e-smith-loginscript-0.2-2.noarch.rpm


Example of my login script.

@ECHO OFF

net time \\sme6 /set /yes
net use P: \\sme6\public_sh

#ifg access_gp
net use Y: \\sme6\access_be
#endif

#ifg install_gp
net use I: \\sme6\install_sh
#endif

#ifg myob_gp
net use M: \\sme6\myob_sh
#endif

#ifg templates_gp
net use Y: \\sme6\templates_sh
#endif

[donald]

anyone got this working with 6.0.1 ?

Or something similar ?

[irian]

Using netlogon it will only map a drive letter to the shares that you have rights to.
So if you login as admin and have all rights, you will get all mappings.
If you are a user with right to specific shares, then those are the only ones mapped.

So I make one netlogon.bat file for the whole system.
And it only contains this (example) for the shares:

net use "driveletter": \\servername\sharename


Irian[/i]

[ansentry]

See my post above it works fine with 6.0.1-01

If the user is a member of the Group then they will be connected (mapped) to the applicable ibay.

In my sample you will see;

#ifg myob_gp
net use M: \\sme6\myob_sh
#endif

The "ifg" mean if user is a member of the group
The myob_gp is the name of the Group
The net use "M:\" is the drive letter to use
"sme6" is the name of the server
"myob_sh" is the name of the ibay that you want to share.


irian, is correct
donald yes I have is working on 3 servers.

I have used this type of script since 5.1, but on 6.xx it would not work. I searched or posted here (can't rememeber) and got the answer.Have a look at my post above and it will tell you how to do it.

I am sure that you know that you have to set the permission on each ibay that you want effected by this script. In my example in this post you would have to go  to the ibay myob_sh a via server manager, modify Group = myob_gp User Access etc: Write =Group Read = Group.

[donald]

is a restart of the server required ?

[ansentry]

The answer is probably NO.

Let me explain, after I have setup a new server (including installing the login script) I would reboot before I connect any windows machine to the server. I have never added the required rpm to an SME that was currently being used, so that is why the answer is  "probably"

If I have to change a login script or change a user’s access then the answer is NO, just make the changes in SME and then save. The windows user will have to log off and back on for the changes to take effect.

With your current server do windows users login to the domain? If they do I would think that you could just install the rpm, create your script, and then save in SME, then have your users log off and back on.

Good luck

[p-jones]

Irian

I have a need to create a logon script and I have done what you suggested - 1 script for the whole system.

What I am finding is that all shares are mapped but if I try and open a share for which the user does NOT have permissions then an "Access Denied" message is returned.

I was surprised to see all mappings showing. Is this your experience also ??

I am using an XP pro SP2 wkstation.

Rgds
Peter

[ansentry]

Peter,

I know you reply was to Irian, however may I ask Have you set up Groups on your SME?

In your ibay setup what you have selected under "Group"?

I have mine setup with groups that link to ibays and this is reflected then by my login script (See example above in this post).

[irian]

Is this your experience also ??

ansentry is right.
that is how I set it up too.

Irian

[p-jones]

Hi Gentlemen,

In the iBay setup I have a valid unique group name
In the groups I have several valid users.

These users can access the mapped drive. Other users can see it as a mapped drive (in My Computer) but get "access denied" when trying to access it (double clicking on that drive)

Wierd !!

Rgds
Peter

[irian]

Other users can see it as a mapped drive (in My Computer) but get "access denied" when trying to access it (double clicking on that drive)

In windows do a rightclick on the drives they are not supposed to have access to and then choose disconnect.
Now reboot and see it that solves it.
Windows stores these things forever

Irian

[azche24]

Hi,

Windows stores these things forever

windoze does not, if you put

Code: [Select]

NET USE G: \\SERVER\DATA  /PERSISTENT:NO

and it is not recommended to use the default setting ("/Persistent:YES").

So you can switch to other directories (or other servers) easily.

[bushinc]

Here's what I use...just an example of some of the syntax.

net time \\server /set /yes
net use f: /delete /y
net use f: \\server\primary
net use h: /delete /y
net use h: \\server\homes
net use s: /delete /y
if exist \\server\sharedfiles net use s: \\server\sharedfiles
rem The following is a bat file to copy down a new address book
call "\\server\sharedfiles\is\addressbookcopy.bat" server

[p-jones]

I have been making my mappings non-persistent.

I will try this out again with a clean server and workstation build.

Whilst both have been used as test systems for trialing various other functions, I didn't think either was that dirty.