1.9 Understanding How Login Scripts Work with NetStorage

Novell NetStorage provides secure Internet-based access to files and folders on a NetWare server in your network using either a browser or Microsoft Web Folders (Microsoft's implementation of WebDav). NetStorage authentication relies on the power of eDirectory to provide secure access, so Internet-based access is as secure as accessing files from within the network.

When a user authenticates to NetStorage, the login scripts associated with the eDirectory User object in the primary authentication domain are processed. These login scripts are the same scripts processed by the Novell Client.

However, because login scripts were designed to be processed by the Novell Client on the user’s workstation, some of the defined statement types and script variables cannot be processed by NetStorage. The following is a list of what login script functions are available when users authenticate using NetStorage.

  • NetStorage Looks for MAP Commands: NetStorage processes login scripts in order to find MAP statements. Each MAP statement generates one path into the NetWare file system that the user can access using NetStorage.

    In addition to the MAP command, the IF, THEN, ELSE, END, INCLUDE, and EXIT commands are the only commands recognized by NetStorage. All other login script statements are treated as comments and ignored.

  • Multiple Login Scripts Processed: When a user successfully logs in to the network, one or more login scripts are executed. Login scripts can be obtained from container objects, Profile objects, User objects, or any file or directory object designated by the INCLUDE statement.

  • Authentication to Multiple eDirectory Trees: Users can authenticate to multiple eDirectory trees. One tree is configured as primary. When the user enters a username and password, NetStorage authenticates to the primary tree and, if successful, attempts to authenticate to all other domains.

    Only the login scripts from the primary eDirectory tree are processed. However, one of these login scripts might map to a directory on a server that resides in another tree. Because the user is authenticated to all trees, he will also have access to this directory.

  • eDirectory Variables: The value of an eDirectory attribute of the current User object can be substituted anywhere in the login script. Precede the attribute name with a percent sign (%) and replace any spaces in the attribute name with an underscore (_). The following are some attributes that are useful in login scripts:


    These variables are generally used as part of the MAP statement or the IF statement. For example:



    The eDirectory syntax types supported by NetStorage for these attributes are path, string, and list. In the case of the list syntax, only the first string in the list is used.

    For more specific information on how login scripts are processed by NetStorage, see “Login Script Processing by NetStorage” TID# 10068983.