1 <chapter id="AdvancedNetworkManagement">
4 <pubdate>April 3 2003</pubdate>
7 <title>Advanced Network Manangement</title>
10 This section attempts to document peripheral issues that are of great importance to network
11 administrators who want to improve network resource access control, to automate the user
12 environment, and to make their lives a little easier.
16 <title>Remote Server Administration</title>
19 <emphasis>How do I get 'User Manager' and 'Server Manager'?</emphasis>
23 Since I don't need to buy an NT4 Server, how do I get the 'User Manager for Domains',
28 Microsoft distributes a version of these tools called nexus for installation on Windows 9x / Me
29 systems. The tools set includes:
33 <listitem><para>Server Manager</para></listitem>
34 <listitem><para>User Manager for Domains</para></listitem>
35 <listitem><para>Event Viewer</para></listitem>
39 Click here to download the archived file <ulink
40 url="ftp://ftp.microsoft.com/Softlib/MSLFILES/NEXUS.EXE">ftp://ftp.microsoft.com/Softlib/MSLFILES/NEXUS.EXE</ulink>
44 The Windows NT 4.0 version of the 'User Manager for
45 Domains' and 'Server Manager' are available from Microsoft via ftp
46 from <ulink url="ftp://ftp.microsoft.com/Softlib/MSLFILES/SRVTOOLS.EXE">ftp://ftp.microsoft.com/Softlib/MSLFILES/SRVTOOLS.EXE</ulink>
51 <title>Network Logon Script Magic</title>
54 This section needs work. Volunteer contributions most welcome. Please send your patches or updates
55 to <ulink url="mailto:jht@samba.org">John Terpstra</ulink>.
59 There are several opportunities for creating a custom network startup configuration environment.
63 <member>No Logon Script</member>
64 <member>Simple universal Logon Script that applies to all users</member>
65 <member>Use of a conditional Logon Script that applies per user or per group attirbutes</member>
66 <member>Use of Samba's Preexec and Postexec functions on access to the NETLOGON share to create
67 a custom Logon Script and then execute it.</member>
68 <member>User of a tool such as KixStart</member>
72 The Samba source code tree includes two logon script generation/execution tools. See <filename>examples</filename> directory <filename>genlogon</filename> and <filename>ntlogon</filename> subdirectories.
76 The following listings are from the genlogon directory.
80 This is the genlogon.pl file:
87 # Perl script to generate user logon scripts on the fly, when users
88 # connect from a Windows client. This script should be called from smb.conf
89 # with the %U, %G and %L parameters. I.e:
91 # root preexec = genlogon.pl %U %G %L
93 # The script generated will perform
96 # 1. Log the user connection to /var/log/samba/netlogon.log
97 # 2. Set the PC's time to the Linux server time (which is maintained
98 # daily to the National Institute of Standard's Atomic clock on the
100 # 3. Connect the user's home drive to H: (H for Home).
101 # 4. Connect common drives that everyone uses.
102 # 5. Connect group-specific drives for certain user groups.
103 # 6. Connect user-specific drives for certain users.
104 # 7. Connect network printers.
106 # Log client connection
107 #($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
108 ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
109 open LOG, ">>/var/log/samba/netlogon.log";
110 print LOG "$mon/$mday/$year $hour:$min:$sec - User $ARGV[0] logged into $ARGV[1]\n";
113 # Start generating logon script
114 open LOGON, ">/shared/netlogon/$ARGV[0].bat";
115 print LOGON "\@ECHO OFF\r\n";
117 # Connect shares just use by Software Development group
118 if ($ARGV[1] eq "SOFTDEV" || $ARGV[0] eq "softdev")
120 print LOGON "NET USE M: \\\\$ARGV[2]\\SOURCE\r\n";
123 # Connect shares just use by Technical Support staff
124 if ($ARGV[1] eq "SUPPORT" || $ARGV[0] eq "support")
126 print LOGON "NET USE S: \\\\$ARGV[2]\\SUPPORT\r\n";
129 # Connect shares just used by Administration staff
130 If ($ARGV[1] eq "ADMIN" || $ARGV[0] eq "admin")
132 print LOGON "NET USE L: \\\\$ARGV[2]\\ADMIN\r\n";
133 print LOGON "NET USE K: \\\\$ARGV[2]\\MKTING\r\n";
136 # Now connect Printers. We handle just two or three users a little
137 # differently, because they are the exceptions that have desktop
138 # printers on LPT1: - all other user's go to the LaserJet on the
140 if ($ARGV[0] eq 'jim'
141 || $ARGV[0] eq 'yvonne')
143 print LOGON "NET USE LPT2: \\\\$ARGV[2]\\LJET3\r\n";
144 print LOGON "NET USE LPT3: \\\\$ARGV[2]\\FAXQ\r\n";
148 print LOGON "NET USE LPT1: \\\\$ARGV[2]\\LJET3\r\n";
149 print LOGON "NET USE LPT3: \\\\$ARGV[2]\\FAXQ\r\n";
152 # All done! Close the output file.
158 Those wishing to use more elaborate or capable logon processing system should check out the following sites:
162 <member>http://www.craigelachie.org/rhacer/ntlogon</member>
163 <member>http://www.kixtart.org</member>
164 <member>http://support.microsoft.com/default.asp?scid=kb;en-us;189105</member>
168 <title>Adding printers without user intervention</title>
171 Printers may be added automatically during logon script processing through the use of:
174 rundll32 printui.dll,PrintUIEntry /?
177 See the documentation in the Microsoft knowledgebase article no: 189105 referred to above.