Clients running Windows NT and Windows 95 can download and execute logon scripts from an authentication server. Logon scripts are batch files that run automatically when a user logs in. You are required to create logon scripts to configure the network connections and start applications in users' environments. A logon script can call other scripts and executable files that reside in any local or NFS directory.
On Windows NT, you create the logon script, ntlogon.bat, to provide users with the appropriate environment when they log in. On Windows 95, the corresponding file is winlogon.bat.
If the client computer is running over a PPP connection, you will not be able to run the logon scripts (winlogon.bat and ntlogon.bat). If it is necessary to run these batch files, you should run them from within the SNC scripts using the LAUNCH directive. See "SNC Scripts" and "LAUNCH filename [options]".
When a user logs in to a client machine, the client broadcasts to the authentication servers on the network. The authentication servers respond to the broadcast, and the client uses the first server that responds as its authentication server. The client reads the logon script from the server and runs it. The same logon script can be shared by all network users.
Clients can either broadcast for or choose a specific authentication server. Choosing a specific authentication server is recommended because it is the most secure method.
If you create a logon script to be used by all users, store the logon script files on every authentication server on your network.
You can create specialized logon scripts for one or more users. When run, the logon scripts determine the user or group and customize the start up of the Solstice Network Client environment for the specific user or group. In a typical implementation, you would have a group.snc script for each group in your domain and supplemental user.snc scripts for specific users.
Windows NT clients can run logon scripts that contain the Windows NT built-in environment variables. For an example, see Example 6-1.
Use any text editor to create the logon script.
Save the script as winlogon.bat.
Copy winlogon.bat to the /opt/MSPolicy directory on the authentication server.
Use any text editor to create the logon script.
Save the script as ntlogon.bat.
Copy ntlogon.bat to the /opt/MSPolicy directory on the authentication server.
The winlogon.bat and ntlogon.bat files support the same commands as any .bat file.
Example 6-1 is a sample ntlogon.bat logon script that is executed when the user logs in to the client running Windows NT.
REM Sample ntlogon.bat script net use REM REM Set Policy path environment variable set PCNFSDSERVER=space set POLICYPATH=\\%PCNFSDSERVER%\opt\MSPolicy REM REM Invoke globalboot.bat cmd /C %POLICYPATH%\globalboot.bat
The globalboot.bat script in Example 6-2 is called by the ntlogon.bat script.
REM Sample script to set other environment variables set VARIABLE1=test set VARIABLE2=dir mkdir c:\%VARIABLE1%.%VARIABLE2% REM REM Invoke globallogon.bat cmd /C %POLICYPATH%\globallogon.bat
The globallogon.bat script in Example 6-3copies files from saturn to the \tmp\planets directory on the client. The following lines in the globallogon.bat script run user Pat's .bat file in the directory \\home\pat on the server named jupiter.
set USER=pat set HOME=\\jupiter\home\%USER% cmd /C %HOME%\globallogon.bat
To call a logon script for many users, you would need to repeat these lines for each user. If users have identical user names and passwords on UNIX and NT, you can set the built-in NT variable USER to the user's username, and set the variable HOME to the path to the user's home directory on the server, for example, \\jupiter\home\%USER%. The variables %USER% and %USERNAME% are Windows NT variables that dynamically refer to any user.
REM Sample script to do a copy operation copy \\saturn\\Dir1\Dir2\*.* c:\tmp\planets REM REM Now invoke individual user's logon script set USER=pat set HOME=\\jupiter\home\%USER% cmd /C %HOME%\%USER%.bat
The script in Example 6-4 runs an executable over NFS.
REM REM Use predefined NT environment variable dir %SystemRoot% REM Remotely run residing executable. %HOME%\regmon.exe