mvwmail
asked on
Logon scripts for Windows 2003
Hello.. I am using logon scripts for the first time.
My AD has some Global Groups under USERS which include the groups "Technical", and "Staff". These groups have access to different folders which I want mapping automatically on login. I have created and shared the fodlers with appropriate permissions / security and tested them.. all ok.
I now want a script that looks at the person logging on, maps them a home drive (this bit works), and then finds out if they are a member of a certain group (you CAN belong to more than one) and give them the appropriate mapping..
I can successfully map a drive WITHOUT a check, thats easy enough..
Here is the script thus far
Const STAFF = "CN=Staff"
Const TECHNICAL = "CN=Technical"
Set wshNetwork = CreateObject("WScript.Netw
wshNetwork.MapNetworkDrive
Set ADSysInfo = CreateObject("ADSystemInfo
Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)
strGroups = LCase(Join(CurrentUser.Mem
If InStr(strGroups, TECHNICAL) Then
wshNetwork.MapNetworkDrive
ElseIf InStr(strGroups, STAFF) Then
wshNetwork.MapNetworkDrive
End If
It does not error at all, maps the H drive OK, just does not map the other drive(s).. I have logged on as a usre in the TECHNICAL group for this..
any help appreciated
My AD has some Global Groups under USERS which include the groups "Technical", and "Staff". These groups have access to different folders which I want mapping automatically on login. I have created and shared the fodlers with appropriate permissions / security and tested them.. all ok.
I now want a script that looks at the person logging on, maps them a home drive (this bit works), and then finds out if they are a member of a certain group (you CAN belong to more than one) and give them the appropriate mapping..
I can successfully map a drive WITHOUT a check, thats easy enough..
Here is the script thus far
Const STAFF = "CN=Staff"
Const TECHNICAL = "CN=Technical"
Set wshNetwork = CreateObject("WScript.Netw
wshNetwork.MapNetworkDrive
Set ADSysInfo = CreateObject("ADSystemInfo
Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)
strGroups = LCase(Join(CurrentUser.Mem
If InStr(strGroups, TECHNICAL) Then
wshNetwork.MapNetworkDrive
ElseIf InStr(strGroups, STAFF) Then
wshNetwork.MapNetworkDrive
End If
It does not error at all, maps the H drive OK, just does not map the other drive(s).. I have logged on as a usre in the TECHNICAL group for this..
any help appreciated
hi,
try this, but change the servers and drive letters and the server names to suit
its fairly easy to follow
this is the logon script that I use. I like it because I can add subroutines into it, and call them from the top by adding a call to the function
Hope this helps.
T
'=========================
'
' NAME: adc_logon.vbs
'
' AUTHOR: xxxxxxxxxxxxxxxxxxxx
' DATE : 6/05/2003
'
' COMMENT: This file must be copied to all domain controlers
'
'=========================
On Error Resume Next
Dim WshNetwork, strUser, Domain, WshShell, Group
' Get the User ID
Set WSHNetwork = WScript.CreateObject("WScr
Domain = WSHNetwork.UserDomain 'nUser means data from Network Object
strUser = ""
While strUser = ""
strUser = WSHNetwork.UserName
Wend
'Call Main procedure to process the user groups information
call main()
' End of logon script
'*************************
'*************************
'*************** sub procedures and Functions **************************
Public Sub Main()
'Main loop to detect group that user belongs to
Set objUser = GetObject("WinNT://" & Domain & "/" & strUser & ",user")
For Each Group In objUser.groups
Select Case Group.Name
Case "Staff"
Call staff()
Case "technical"
Call technical()
End Select
Next 'Group
Set objUser = Nothing
End Sub
'*************************
Sub staff()
Set fso = CreateObject("Scripting.Fi
if fso.FolderExists("C:\Docum
MapDrive "h:", "\\eadc-fs001\home1\" & strUser
else
MapDrive "h:", "\\eadc-fs001\home1"
End If
Set fso = Nothing
MapDrive "P:", "\\eadc-fs001\projects1"
MapDrive "S:", "\\eadc-fs001\shared1"
End Sub
'*************************
Sub technical()
MapDrive "K:", "\\eadc-fs001\acct"
End Sub
'*************************
'*************************
Sub MapDrive(strDrive,strShare
On Error Resume Next
WSHNetwork.MapNetworkDrive
If Err.Number Then
WSHNetwork.RemoveNetworkDr
WSHNetwork.MapNetworkDrive
End If
End Sub
'*************************
'*************************
'End of SubProcedures and Functions
try this, but change the servers and drive letters and the server names to suit
its fairly easy to follow
this is the logon script that I use. I like it because I can add subroutines into it, and call them from the top by adding a call to the function
Hope this helps.
T
'=========================
'
' NAME: adc_logon.vbs
'
' AUTHOR: xxxxxxxxxxxxxxxxxxxx
' DATE : 6/05/2003
'
' COMMENT: This file must be copied to all domain controlers
'
'=========================
On Error Resume Next
Dim WshNetwork, strUser, Domain, WshShell, Group
' Get the User ID
Set WSHNetwork = WScript.CreateObject("WScr
Domain = WSHNetwork.UserDomain 'nUser means data from Network Object
strUser = ""
While strUser = ""
strUser = WSHNetwork.UserName
Wend
'Call Main procedure to process the user groups information
call main()
' End of logon script
'*************************
'*************************
'*************** sub procedures and Functions **************************
Public Sub Main()
'Main loop to detect group that user belongs to
Set objUser = GetObject("WinNT://" & Domain & "/" & strUser & ",user")
For Each Group In objUser.groups
Select Case Group.Name
Case "Staff"
Call staff()
Case "technical"
Call technical()
End Select
Next 'Group
Set objUser = Nothing
End Sub
'*************************
Sub staff()
Set fso = CreateObject("Scripting.Fi
if fso.FolderExists("C:\Docum
MapDrive "h:", "\\eadc-fs001\home1\" & strUser
else
MapDrive "h:", "\\eadc-fs001\home1"
End If
Set fso = Nothing
MapDrive "P:", "\\eadc-fs001\projects1"
MapDrive "S:", "\\eadc-fs001\shared1"
End Sub
'*************************
Sub technical()
MapDrive "K:", "\\eadc-fs001\acct"
End Sub
'*************************
'*************************
Sub MapDrive(strDrive,strShare
On Error Resume Next
WSHNetwork.MapNetworkDrive
If Err.Number Then
WSHNetwork.RemoveNetworkDr
WSHNetwork.MapNetworkDrive
End If
End Sub
'*************************
'*************************
'End of SubProcedures and Functions
ASKER
Looks good... I will look at both later as I am not with the server right now... many thanks
you can also add more groups if you want by adding a case statement, and a call to a new function for the new group..
Two additional options:
1. If you create an OU for each group and place the users there, you can use Active Directory login scripts and anyone in that OU will get access to that drive (through the AD login script). This COULD be done for users in more than one group, but that can get messy as you'd need to create sub OUs within each OU.
2. Use IFMEMBER - available from Microsoft here: http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/ifmember-o.asp - this will do what you want - I used it before myself, only not recently enough to give you exact syntax here.
1. If you create an OU for each group and place the users there, you can use Active Directory login scripts and anyone in that OU will get access to that drive (through the AD login script). This COULD be done for users in more than one group, but that can get messy as you'd need to create sub OUs within each OU.
2. Use IFMEMBER - available from Microsoft here: http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/ifmember-o.asp - this will do what you want - I used it before myself, only not recently enough to give you exact syntax here.
ASKER
Tanilorn
Tried your script.. no erros, but still no mapped drives..
I have confirmed all spelling, capilised where necessary.. even rtied moving the Group around to various places in AD, not that this makes a difference as the group can be anywhere really so long as it is under the domain..
Not a sausage.. not even an error..
Argh!
Tried your script.. no erros, but still no mapped drives..
I have confirmed all spelling, capilised where necessary.. even rtied moving the Group around to various places in AD, not that this makes a difference as the group can be anywhere really so long as it is under the domain..
Not a sausage.. not even an error..
Argh!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://www.experts-exchange.com/questions/21130336/login-script-not-running-properly-with-windows-2003.html
See if it provides you a solution.