1.4 Creating or Modifying Login Scripts

You can use Novell iManager or ConsoleOne to create login scripts from scratch or from a sample login script that is provided for you. Using a sample login script can help reduce syntax errors and thus reduce the time it takes to create login scripts.

All four types of login scripts use the same conventions, commands, and variables. For more information, see Login Script Commands and Variables.

The main difference in creating Container, Profile, and User login scripts is the object that you select to contain the login scripts. The default login script is not assigned to any object.

  • Container login scripts are assigned to container objects (Organization or Organizational Unit objects).

  • Profile login scripts are assigned to Profile objects. In order for a User object to use a profile login script, you must select that User object and assign it to (make it a trustee) the Profile object.

    IMPORTANT:You must make the user a trustee of the Profile object in order for the User object to be able to access the Profile login script. Failing to do so means that the User object has the command to run the Profile login script but does not have the rights to access it, so the login script does not run.

  • User login scripts are assigned to User objects.

Before you create or modify login scripts, you must have the Write property right to the object that will contain the login script. In addition, the Organization, Organizational Unit, Profile, or User object that you plan to assign the login script to must already exist.

1.4.1 Creating or Modifying Login Scripts in iManager

Creating or Modifying a User Login Script

  1. Click Roles and Tasks > User > Modify User.

  2. Specify a username and context, then click OK.

  3. Click General > Login Script.

  4. Type the login script commands and information in the login script text box.

    For a sample, see Sample Login Scripts.

    IMPORTANT:Make sure that you edit the sample login script to match the server names, directory paths, and specifications of your own network.

    For additional information on all login script commands, see Login Script Commands and Variables.

  5. (Conditional) To associate a Profile login script with this object, specify the Profile object name and context in the Profile field.

    For additional information, see Creating a Profile Login Script.

  6. To save the login script, click OK.

Creating a Container Login Script

  1. Click Roles and Tasks > Directory Administration > Modify Object.

  2. Specify the container and context, then click OK.

  3. Click General > Login Script.

  4. Type the login script commands and information in the login script text box.

    For a sample, see Sample Login Scripts.

    IMPORTANT:Make sure that you edit the sample login script to match the server names, directory paths, and specifications of your own network.

    For additional information on all login script commands, see Login Script Commands and Variables.

  5. (Optional) To associate a Profile login script with this object, specify the Profile object name and context in the Profile field.

    For additional information, see Creating a Profile Login Script.

  6. To save the login script, click OK.

Creating a Profile Login Script

  1. Click Roles and Tasks > Directory Administration > Create Object.

  2. Select Profile, then click OK.

  3. Specify the Profile name and context.

  4. Type the login script commands and information in the login script text box.

    For a sample, see Sample Login Scripts.

    IMPORTANT:Make sure that you edit the sample login script to match the server names, directory paths, and specifications of your own network.

    For additional information on all login script commands, see Login Script Commands and Variables.

  5. Click OK twice.

  6. To associate the Profile with a user, click Roles and Tasks > Users > Modify User.

  7. Specify a username and context, then click OK.

  8. On the General tab, click Login Script.

  9. In the Profile field, specify a profile name and context, then click OK.

1.4.2 Creating or Modifying Login Scripts in ConsoleOne

  1. Double-click the object whose login script you want to create or modify.

    You can create this login script on a Container object, Profile object, or User object.

  2. Click Login Script.

  3. Type the login script commands and information in the login script text box.

    For a sample, see Sample Login Scripts.

    IMPORTANT:Make sure that you edit the sample login script to match the server names, directory paths, and specifications of your own network.

    For additional information on all login script commands, see Login Script Commands and Variables.

  4. To save the login script and close the Details dialog box, click OK.

If the login script that you just created was a container or user login script, you're finished and the client software will be installed or updated the next time users log in.

If the login script that you just created was for a Profile object, you must associate the User object with the Profile object and make the User object a trustee of the Profile object. See the next section, “Associating the User Object with a Profile Object.”

For additional information on all login scripts, see Section 1.4, Creating or Modifying Login Scripts.

Associating the User Object with a Profile Object

  1. Double-click the User object that needs to use the profile login script.

  2. Click Login Script.

  3. Type the name of the Profile object in the Default Profile field located under the login script text box, then click OK.

  4. Add the User object as a trustee of the Profile object by double-clicking the Profile object.

  5. Click NDS Rights > Trustees of This Object > Add Trustee.

  6. Specify the name of the User object that uses this Profile object.

  7. Make sure that the Browse object and the Read Property check boxes are selected, then click OK to assign these rights to the User object.

    The User object is now a trustee of the Profile object and has the rights necessary to run the profile login script.

Repeat these steps for all additional users who need to use this script.

1.4.3 Getting Around the One User and One Profile Login Script Restriction

Users can have only one User profile associated with their User object and can belong to only one Profile object. As a rule, only one User login script and one Profile login script can be executed for any user.

There are ways around this limitation using the Novell Login Window and the PROFILE command. The Novell Login Window allows users to specify additional login scripts to be run during login when they click on the Scripts tab. Here, users can specify scripts that are not a part of their eDirectory User object or, are not associated with a Profile object that they are trustees for.

Also, additional scripts can be run from within the two standard scripts by using the PROFILE command. For more information on the PROFILE command, see Section 3.21, PROFILE.

In addition to using the Novell Login Window or the PROFILE command, you can also assign users to more than one Group object. Use the MEMBER OF group identifier variable to execute different parts of a login script, depending on the Group objects that the user belongs to. To accomplish this, use the IF...THEN command (see Section 3.15, IF...THEN) and the MEMBER OF group identifier variable (see Section 3.2, Using Identifier Variables).

To view an example of the IF...THEN command used with the MEMBER OF group identifier variable, see Sample Login Scripts.