mirror of
https://github.com/samba-team/samba.git
synced 2025-01-07 17:18:11 +03:00
24905ba82d
The constant mark applied to types "string" and "ustring". The previous patches in this patchset already markes all string options as either constant or substituted, but it's still possible to add options or change existing ones to be neither constant nor substituted. In order to enforce strings to be either constant or substitued, remove the explicit constant marker. Instead, any option that is not marked as substituted is implicitly made constant. This patch doesn't change behaviour and all generated files are the same before and after this change. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
55 lines
2.4 KiB
XML
55 lines
2.4 KiB
XML
<samba:parameter name="logon script"
|
|
context="G"
|
|
type="string"
|
|
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
|
<description>
|
|
<para>
|
|
This parameter specifies the batch file (<filename>.bat</filename>) or NT command file
|
|
(<filename>.cmd</filename>) to be downloaded and run on a machine when a user successfully logs in. The file
|
|
must contain the DOS style CR/LF line endings. Using a DOS-style editor to create the file is recommended.
|
|
</para>
|
|
|
|
<para>
|
|
The script must be a relative path to the <smbconfsection name="[netlogon]"/> service. If the [netlogon]
|
|
service specifies a <smbconfoption name="path"/> of <filename
|
|
moreinfo="none">/usr/local/samba/netlogon</filename>, and <smbconfoption name="logon
|
|
script">STARTUP.BAT</smbconfoption>, then the file that will be downloaded is:
|
|
<programlisting>
|
|
/usr/local/samba/netlogon/STARTUP.BAT
|
|
</programlisting>
|
|
</para>
|
|
|
|
<para>
|
|
The contents of the batch file are entirely your choice. A suggested command would be to add <command
|
|
moreinfo="none">NET TIME \\SERVER /SET /YES</command>, to force every machine to synchronize clocks with the
|
|
same time server. Another use would be to add <command moreinfo="none">NET USE U: \\SERVER\UTILS</command>
|
|
for commonly used utilities, or
|
|
<programlisting>
|
|
<userinput>NET USE Q: \\SERVER\ISO9001_QA</userinput>
|
|
</programlisting>
|
|
for example.
|
|
</para>
|
|
|
|
<para>
|
|
Note that it is particularly important not to allow write access to the [netlogon] share, or to grant users
|
|
write permission on the batch files in a secure environment, as this would allow the batch files to be
|
|
arbitrarily modified and security to be breached.
|
|
</para>
|
|
|
|
<para>
|
|
This option takes the standard substitutions, allowing you to have separate logon scripts for each user or
|
|
machine.
|
|
</para>
|
|
|
|
<para>
|
|
This option is only useful if Samba is set up as a logon server in a classic domain controller role.
|
|
If Samba is set up as an Active Directory domain controller, LDAP attribute <filename moreinfo="none">scriptPath</filename>
|
|
is used instead. For configurations where <smbconfoption name="passdb backend">ldapsam</smbconfoption> is in use,
|
|
this option only defines a default value in case LDAP attribute <filename moreinfo="none">sambaLogonScript</filename>
|
|
is missing.
|
|
</para>
|
|
</description>
|
|
<value type="default"></value>
|
|
<value type="example">scripts\%U.bat</value>
|
|
</samba:parameter>
|