Solved

excluding machines in login script...

Posted on 2004-04-14
13
942 Views
Last Modified: 2008-02-01
I would like to know the syntax for excluding a machine or a few machines in an IF and or IF...THEN statement in NetWare 6 and 6.5 servers login scripts.
example...

 IF %MACHINE != "MARKETING-001" THEN BEGIN
 #\\XXX.XXX.XXX.XXX\SYS\PUBLIC\BATCHFILES\BATCHFILE.BAT
END
if the machine name does not equal marketing-001 then run this batchfile.
not sure what to use in the %machine spot, on Novell's website they say %machine is for the machine type (?).

Also, if someone has a faster, easier, better way to do this, I am always open to new ideas.

 Thanks,
RBennett
0
Comment
Question by:Ryan Bennett
  • 4
  • 3
  • 3
  • +2
13 Comments
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
It might be easier to discuss better/faster ways of doing this if you tell us exactly what it is you're trying to accomplish. What does BATCHFILE.BAT do?

Do you have ZENworks?
0
 
LVL 3

Expert Comment

by:tthayer
Comment Utility
I use Groups to do this.

Add the users to the specific groups.

on your #\\xxx.xxx.xxx.xxx\sys\public\batchfiles\batchfile.bat  I usually use this syntax

#Command /c \\xxx.xxx.xxx.xxx\sys\public\batchfiles\batchfile.bat


IF MEMBER of "Marketing" THEN
    #Command /c \\xxx.xxx.xxx.xxx\sys\public\batchfiles\batchfile.bat
ELSE IF MEMBER of "SALES" THEN
    #Command /c \\xxx.xxx.xxx.xxx\sys\public\batchfiles\batchfile.bat
ELSE IF MEMBER of "Manufacturing" THEN
    #Command /c \\xxx.xxx.xxx.xxx\sys\public\batchfiles\batchfile.bat
END
0
 

Author Comment

by:Ryan Bennett
Comment Utility
okay,
what I am trying to do is run a batch file on some of the machines in 2 of my sites that will merge a .reg file with the registry (or reghack...) to do any number of things in a pinch. I know it's sloppy to do things this way, but sometimes quick and dirty has to be just that when the fix has to be done right now. But I don't want this ran on all of the machines. So I'd like to know if there is a way to exclude by machine name. I could exclude based on a group membership but user's who's machines that I do want this ran on also login to the machines that I don't want this ran on. Also I know that I could use ZEN to do all of this and then some, but my department has been dragging it's feet on it's deployment. So until that's up and running, throwing a batchfile into the login script every now and then works fine.

 Thanks,
RBennett
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
EEEEEEEE

That's so ...  kludgy - so ... Microsoft-ish!

If you want to identify specific machines, then you probably want to do something like the old "mobile user" workaround - set an environment variable identifying each machine uniquely, then check for specific values.

Search this topic, also.  Someone very microsoftish posted a kludgy batch process for something else that is done so elegantly with Zen...
0
 
LVL 3

Expert Comment

by:tthayer
Comment Utility
Is this a one time thing or something you want based on the user logging in?
0
 
LVL 8

Expert Comment

by:waybadmojo
Comment Utility
%COMPUTERNAME is the variable that you are looking for and yes, you can run commands from a login script utilizing it.

-Mojo
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:Ryan Bennett
Comment Utility
Sorry Mojo, but %COMPUERNAME did not work I also tried COMPUTERNAME & MACHINE & %MACHINE.

 But as for being Microsoft-ish, that may be. As I said before we are working on deploying ZEN, but I work for a state government that has , for reasons that are beyond me, only one tree (consoleone takes forever to load). One tree for every department. It's simply massive. There has been a few Novell reps that said it's one of, if not the largest tree they have seen use their software in a production environment. So maybe that will tell you why it's taking a while to get our ZEN solution up and running correctly. Sometimes you have to do the quick and dirty.

 This method could also be used for other things besides launching batchfiles, just to simply exclude somethings from in the login script on a machine no matter who logs in to it. Like public access machines, testing machines.

Thanks RBennett
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
Rbennett,

You don't happen to work for the State of NC, do you?

Having one tree is not the issue, unless it is one tree without any partitioning. ConsoleOne may be slow loading, but that's not due to tree size in a properly partitioned environment; its more likely due to a slow machine, or one with not enough RAM, or a lot of Snap-Ins, or some combination thereof.
0
 
LVL 8

Accepted Solution

by:
waybadmojo earned 250 total points
Comment Utility
Here's a special Mojo crib-note for login scripts:

Copy this into your PERSONAL login script (don't do this for an entire container) and you can see whic variables function under your OS.
Turn off the automatic closing of the login script results and ou wil have a nice output page of all the NW login script identifiers and the corresponding output. (Note that some of these work differently on 95/98 than they do under NT/2000/XP).

%COMPUTERNAME is a valid login script identifier under NT/2000/XP. I made the assumption that you would be using AT LEAST Windows NT for your desktops.

MAP DISPLAY ON
WRITE ""
WRITE "Access Server                       : %ACCESS_SERVER"
WRITE "Account Balance                  : %ACCOUNT_BALANCE"
WRITE "Administrative Assistant         : %ADMINISTRATIVE_ASSISTANT"
WRITE "Allow Unlimited Credit            : %ALLOW_UNLIMITED_CREDIT"
WRITE "Certificate Validity Interval     : %CERTIFICATE_VALIDITY_INTERVAL"
WRITE "CN (Common Name)             : %CN"
WRITE "COMPUTERNAME                  : %COMPUTERNAME"
WRITE "Description                           : %DESCRIPTION"
WRITE "E-Mail Address                     : %EMAIL_ADDRESS"
WRITE "ERROR LEVEL                   : %ERROR_LEVEL"
WRITE "Equivalent To Me                : %EQUIVALENT_TO_ME"
WRITE "Fax Number                         : %FACSIMILE_TELEPHONE_NUMBER"
WRITE "File Server                           : %FILE_SERVER"
WRITE "Full Name                            : %FULL_NAME"
WRITE "Generational Qualifier          : %GENERATIONAL_QUALIFIER"
WRITE "Given Name                        : %GIVEN_NAME"
WRITE "Group Membership              : %GROUP_MEMBERSHIP"
WRITE "Higher Privileges                 : %HIGHER_PRIVILEGES"
WRITE "Home directory                    : %HOME_DIRECTORY"
WRITE "Initials                                  : %INITIALS"
WRITE "L (Locality)                           : %L"
WRITE "Language                            : %LANGUAGE"
WRITE "Last Name                           : %LAST_NAME"
WRITE "Locked By Intruder              : %LOCKED_BY_INTRUDER"
WRITE "Login Alias context              : %LOGIN_ALIAS_CONTEXT"
WRITE "Login Context                      : %LOGIN_CONTEXT"
WRITE "Login Disabled                    : %LOGIN_DISABLED"
WRITE "Login Grace Limit                : %LOGIN_GRACE_LIMIT"
WRITE "Login Grace Remaining      : %LOGIN_GRACE_REMAINING"
WRITE "Login Maximum Simultaneous       : %LOGIN_MAXIMUM_SIMULTANEOUS"
WRITE "Login Name                        : %LOGIN_NAME"
WRITE "Machine                             : %MACHINE"
WRITE "Mailbox ID                          : %MAILBOX_ID"
WRITE "Mailbox Location                : %MAILBOX_LOCATION"
WRITE "Mailstop                             : %MAILSTOP"
WRITE "Message Server                 : %MESSAGE_SERVER"
WRITE "Minimum Account Balance          : %MINIMUM_ACCOUNT_BALANCE"
WRITE "Network Address                : %NETWORK"
WRITE "Network address restriction      : %NETWORK_ADDRESS_RESTRICTION"
WRITE "New Mail                            : %NEW_MAIL"
WRITE "Object Class                       : %OBJECT_CLASS"
WRITE "OS                                     : %OS"
WRITE "OS Version                        : %OS_VERSION"
WRITE "OU (Department)               : %OU"
WRITE "Password Allow Change            : %PASSWORD_ALLOW_CHANGE"
WRITE "Password Expires              : %PASSWORD_EXPIRES"
WRITE "Password Minimum Length          : %PASSWORD_MINIMUM_LENGTH"
WRITE "Password Required           : %PASSWORD_REQUIRED"
WRITE "Password Unique required         : %PASSWORD_UNIQUE_REQUIRED"
WRITE "Passwords Used                : %PASSWORDS_USED"
WRITE "Physical Delivery Office Name    : %PHYSICAL_DELIVERY_OFFICE_NAME"
WRITE "Physical Station                 : %P_STATION"
WRITE "Postal Address                   : %POSTAL_ADDRESS"
WRITE "Postal Code                       : %POSTAL_CODE"
WRITE "Postal Office Box               : %POSTAL_OFFICE_BOX"
WRITE "Private Key                        : %PRIVATE_KEY"
WRITE "Profile                                : %PROFILE"
WRITE "Requester Context            : %REQUESTER_CONTEXT"
WRITE "Requester Version            : %REQUESTER_VERSION"
WRITE "Revision                            : %REVISION"
WRITE "S (State)                            : %S"
WRITE "SA (Street Address)           : %SA"
WRITE "Security Equals                 : %SECURITY_EQUALS"
WRITE "Security Flags                   : %SECURITY_FLAGS"
WRITE "See Also                           : %SEE_ALSO"
WRITE "Server Holds                     : %SERVER_HOLDS"
WRITE "Shell Version                     : %SHELL_VERSION"
WRITE "Short machine type           : %SMACHINE"
WRITE "Station                              : %STATION"
WRITE "Supervisor                        : %SUPERVISOR"
WRITE "Surname                           : %SURNAME"
WRITE "Telephone number           : %TELEPHONE_NUMBER"
WRITE "Title                                  : %TITLE"
WRITE "User ID                             : %USER_ID"
WRITE ""

Following:  Display Last Login Date and Time also other misc time variables

WRITE "Last Login Time                :%LASTLOGINTIME"
note Lastlogintime works differently with the GUI window 95/98/NT login script use
LASTLOGINTIME
on a line all by itself instead, Write "%LASTLOGINTIME" will not work.

WRITE "Greeting time                    : %GREETING_TIME"
WRITE "Hours                               : %HOURS"
WRITE "Hour in military                  : %HOUR24"
WRITE "Minutes                            : %MINUTE"
WRITE "Seconds                          : %SECOND"
WRITE "AM OR PM                      : %AM_PM"
WRITE "DAY                                 : %DAY"
WRITE "Day of the week              : %DAY_OF_WEEK"
WRITE "Number of day of the week        : %NDAY_OF_WEEK"
WRITE "Month                              : %MONTH"
WRITE "Name of Month                : %MONTH_NAME"
WRITE "Year by last two digits      : %SHORT_YEAR"
WRITE "Full Year                          : %YEAR"
Following: Display Environment Variables
WRITE "COMSPEC                      : "; <COMSPEC>
WRITE "NWLANGUAGE             : "; <NWLANGUAGE>
WRITE "TZ (Timezone)                : "; <TZ>
WRITE ""

-Mojo
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
mojo, you have WAY too much free time :-)
0
 
LVL 8

Expert Comment

by:waybadmojo
Comment Utility
Hehehe..
This is something I created last year for training the guys and gals that work for me..
I find that visual examples like this are the things that they never forget.

Be honest, you liked it :)
-Mojo

0
 

Author Comment

by:Ryan Bennett
Comment Utility
Thanks,

 I'll give it a try!

 -RBennett
0
 

Author Comment

by:Ryan Bennett
Comment Utility
That's the one! Everything (and then some) that I needed to know.

 Thanks,
RBennett
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now