[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Samba Login Script in LDAP



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 29 Aug 2003, Bruno Tobias Stella wrote:
> Adam Williams wrote:
> > Define an attribute to store the script,  if you don't
> > have an OID I'm willing to define one for you - since
> > this sounds like not a half-bad idea.
> Adam, I have an OID to define this attribute, my tree OID's is
> this:
>
> 1.3.6.1.4.1.17307 - Tribunal Regional do Trabalho da 15ª Região
> 1.3.6.1.4.1.17307.1 - LDAP Elements
> 1.3.6.1.4.1.17307.1.1 - LDAP Attributes
>
> and the OID for this new login script attribute can be
> 1.3.6.1.4.1.17307.1.1.3
>
> But my big problem is, how I define a text attribute. I don't
> know the attribute definition format. Can somebody help me ?

Your big problem is that Windows doesn't know what to do with this
attribute.  The login script code expects a path to a file.  Even in ADS,
native login scripts are stored as files tucked away in the DC's sysvol
under some horrible GUID-named directory and legacy scripts still live in
the same NETLOGON share they always did.

Likewise NDS stores login scripts as separate "stream files".  IIRC it
makes them look like arbitrarily large string-valued attributes and NDS
clients know to ask for them that way.  But I'm not aware of any
directory-enabled logon thingy that doesn't keep the scripts as individual
files, no matter how they are presented.

It would be interesting to know what you expect to gain from all this
effort.  The UMich LDAP list is probably a better place for that
discussion.

- -- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
MS Windows *is* user-friendly, but only for certain values of "user".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/

iD8DBQE/T3des/NR4JuTKG8RAmJ5AJ9WxCB8ud0EudXEz7WN2XtiX5VB6QCglOn8
NIHibsNyn74aQUj3w3hjMWM=
=wXZ6
-----END PGP SIGNATURE-----