Shell script to produce your windows logon scripts

[Author: Francois-Xavier Le Bail. mailto:fx.LeBail@free.fr]
[Document version: 2.1]
[License: GNU General Public License]

You can use a shell script to produce your windows logon scripts :
_One_ script for _all_ your users, groups, computers if you want …

can be useful for :
– software install or update,
– mount administrative share,
– copy initialization files,
– customize the program menu,
– make cleanup in tmp files,
– help maintain classrooms environment,
– etc.

1) the “/usr/local/samba/lib/netlogon/scripts” directory must exist

2) in your smb.conf :

=cut===========================================================================
# Global parameters
[global]

   logon script = scripts\%m.bat
   time server = yes

[netlogon]
   comment = netlogon share
   path = /usr/local/samba/lib/netlogon
   guest ok = no
   writable = no
   write list = admin
   locking = no
; call the shell script (make_logon_script) with parameters :
; %m (machine netbios name) %U (user) %a (architecture) %g (group) %L (server)
; perhaps you prefer : %u, %G, ...
; quote in case of spaces
   root preexec = /usr/local/samba/bin/make_logon_script '%m' '%U' '%a' '%g' '%L'
=cut===========================================================================

3) the shell script (/usr/local/samba/bin/make_logon_script) :

=cut===========================================================================
#!/bin/sh
#
# Generate logon script for windows (or dos)
#
# parameters :
# %m (machine netbios name) %U (user) %a (architecture) %g (group) %L (server)
# $1                        $2        $3                $4         $5

#--------------------------- ERRORS LOG ---------------------------------------
# for the new files
umask 022

SAMBA_DIR=/usr/local/samba

# if you need the errors messages
exec 2>>"$SAMBA_DIR/var/logon_script.err"
# if you prefer the errors messages by machine name, comment the preceding line
# and uncomment :
#exec 2>>"$SAMBA_DIR/var/logon_script.$1.err"

# if you need SHELL DEBUG, in the errors messages file, uncomment :
#set -x

#--------------------------- FUNCTIONS ----------------------------------------
# end of line in windows world : CR+NL
# echo -n "WINDOWS_COMMAND"; echo -e '\r'
# do the trick.
# use "write" to write in the logon script
write () { echo -n "$@"; echo -e '\r'; }

#--------------------------- VARIABLES ----------------------------------------
CLIENT_MACHINE="$1"
USER="$2"
SYSTEM_TYPE="$3"
GROUP="$4"
SERVER_NAME="$5"

SUFFIX=bat

#--------------------------- HEADER -------------------------------------------
SCRIPT="$SAMBA_DIR/lib/netlogon/scripts/$CLIENT_MACHINE.$SUFFIX"

# this redirection mean all the standard output go in the logon script
exec 1>"$SCRIPT"

# to hidden the script, (need "map hidden = yes", see in "man smb.conf")
chmod o+x "$SCRIPT"

#--------------------------- BODY ---------------------------------------------
write "@ECHO off"

write "ECHO."
write "ECHO Type : $SYSTEM_TYPE."
write "ECHO."
write "ECHO Computer : $CLIENT_MACHINE - User : $USER - Group : $GROUP."
write "ECHO."

# perhaps some tools used in the logon script are on the server
write "PATH %path%;\\\\$SERVER_NAME\parameters\bin"

# set the workstation time at the server time
write "NET TIME \\\\$SERVER_NAME /set /yes"

# perhaps you need non persistent connexion
write "NET USE /persistent:no"

# mount the home share
write "NET USE f: \\\\$SERVER_NAME\homes /yes"

# command depend on client machine
case "$CLIENT_MACHINE" in
pc1)
	write "....."
	write "....."
	;;
pc2)
	write "....."
	;;
*)
# other PCs
	write "....."
esac

# mount depend on user
if [ "$USER" = u1 ]; then
	write "NET USE l: \\\\$SERVER_NAME\share1 /yes"
elif [ "$USER" = u2 ]; then
	.....
else
# other users
	write "....."
fi

# mount depend on group
write "NET USE x: \\\\$SERVER_NAME\\$GROUP /yes"

# command depend on system type
if [ "$SYSTEM_TYPE" = Win95 ]; then
	.....
fi

if [ "$SYSTEM_TYPE" = WinNT ]; then
	.....
fi

#--------------------------- IN OUR CLASSROOMS --------------------------------
# example : clients are named xxYYcZZ and printers xxYYpZZ
# xx: building prefix, YY: classroom number, ZZ: identifier numbers
# xxYY est the classroom
CLASSROOM=`expr "$CLIENT_MACHINE" : '\(....\)'`

# common share by classroom
write "NET USE f: \\\\$SERVER_NAME\\${CLASSROOM}common /yes"

# 2 networked laser printers in some classrom ? I need :
# computer 1 to half : printer_1, half+1 to max : printer_2
MACHINE_NUMBER=`expr "$CLIENT_MACHINE" : '.....\(..\)'`
PRINTER_PREFIX="${CLASSROOM}p"

# for the room with only one printer
LIMIT=99

case "$CLASSROOM" in
ka27)
# 14 computers
	LIMIT=7;;
ka28)
# 12 computers
	LIMIT=6;;
esac

if [ "$MACHINE_NUMBER" -le "$LIMIT" ]; then
	PRINTER_NUMBER=01
else
	PRINTER_NUMBER=02
fi

PRINTER="$PRINTER_PREFIX$PRINTER_NUMBER"

write "NET USE lpt1: \\\\$SERVER_NAME\\$PRINTER /yes"
write "ECHO The printer number $PRINTER_NUMBER is connected."
write "ECHO."

# perhaps you need to apply some registry keys
write "REGEDIT /s \\\\$SERVER_NAME\parameters\registry\my_entries.registry"

# admin has special commands
if [ "$USER" = admin ]; then
	.....
	# perhaps you want to change the password the next time, uncomment :
	#if [ "$SYSTEM_TYPE" = WinNT ]; then
	#	write "NET USER admin my_new_passwd"
	#fi
	.....
fi