Solved

Wscript - Check machine OU membership

Posted on 2004-09-22
Last Modified: 2008-03-10
We run a single login script in our W2K environment at the top level for users; this script performs various actions depending upon group memberships (map drives, etc.). I need to add a section to the script to perform the following actions:

Check if the user logging on is a member of the Test OU within user departments.
If so ensure the machine they are logging on to is a member of the Desktops\Test OU.
If the machine is from any other OU the users should be logged off.

Here's what I've tried, but it seems to log everyone off, no matter what. Help greatly appreciated. Variables are set further up the script for DIM settings, domain name etc.

'Don't allow Test users to log on to non test machines

      Set sMachineOU = GetObject ("LDAP://cn="&sComputerName&",ou=Test,ou=Desktops,DC="&sDomain&",DC=intra")
            bFoundTestMachine = TRUE
            If Err.Number = E_ADS_OBJECT_NOT_FOUND Then
                  bFoundTestMachine = FALSE
            end if
            
      Set oTestUser = GetObject ("LDAP://cn="&sUserName&",ou=Test,ou=Departments,DC="&sDomain&",DC=intra")
            bFoundTestUser = TRUE
            If Err.Number = E_ADS_OBJECT_NOT_FOUND Then
                  bFoundTestUser = FALSE
            end if
      
      If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
                   sRunner = oshell.run ("Nologon.exe",false)
                  WScript.Sleep 5000
                        sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
                  wscript.quit(1)      
          end if
      Err.Clear
Question by:youre1m
Author Comment

by:youre1m
ID: 12121314
PS. Nologon.exe is a self written .exe that displays a message explaining to the user what is happening, stored within netlogon share.

Expert Comment

by:JamesDS
ID: 12121999
youre1m
Try this:

'Don't allow Test users to log on to non test machines

     Set sMachineOU = GetObject ("LDAP://cn="&sComputerName&",ou=Test,ou=Desktops,DC="&sDomain&",DC=intra")
          bFoundTestMachine = TRUE
          If Err.Number <> 0 bFoundTestMachine = FALSE
          end if
         
     Set oTestUser = GetObject ("LDAP://cn="&sUserName&",ou=Test,ou=Departments,DC="&sDomain&",DC=intra")
          bFoundTestUser = TRUE
          If Err.Number <> 0 then bFoundTestUser = FALSE
          end if
     
     If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
                sRunner = oshell.run ("Nologon.exe",false)
               WScript.Sleep 5000
                        sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
               wscript.quit(1)    
          end if
     Err.Clear





Cheers

JamesDS

Author Comment

by:youre1m
ID: 12319291
James,

Sorry about the long delay, I've been working on something else for a while.

I have tried to use your script but get an error message stating a "then" was expected on the line I have put a * next to below. I have tried adding a then but still get the same error message. Any ideas??

Set sMachineOU = GetObject ("LDAP://cn="&sComputerName&",ou=Test,ou=Desktops,DC="&sDomain&",DC=intra")
          bFoundTestMachine = TRUE
          If Err.Number <> 0 bFoundTestMachine = FALSE *
          end if
         
     Set oTestUser = GetObject ("LDAP://cn="&sUserName&",ou=Test,ou=Departments,DC="&sDomain&",DC=intra")
          bFoundTestUser = TRUE
          If Err.Number <> 0 then bFoundTestUser = FALSE
          end if
     
     If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
                sRunner = oshell.run ("Nologon.exe",false)
               WScript.Sleep 5000
                        sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
               wscript.quit(1)    
          end if
     Err.Clear

Accepted Solution

by:
JamesDS earned 500 total points
ID: 12320558
youre1m
Oops, missing that "then" statement!
Try this

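' Assumes sComputerName, sUserName, sDomain, oshell and HIDE_WINDOW are set further up the script
On Error Resume Next   ' a failed bind must set Err instead of stopping the script

Err.Clear
Set sMachineOU = GetObject ("LDAP://cn="&sComputerName&",ou=Test,ou=Desktops,DC="&sDomain&",DC=intra")
bFoundTestMachine = TRUE
If Err.Number <> 0 Then
     bFoundTestMachine = FALSE
End If

Err.Clear   ' do not carry the machine lookup error into the user test
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",ou=Test,ou=Departments,DC="&sDomain&",DC=intra")
bFoundTestUser = TRUE
If Err.Number <> 0 Then
     bFoundTestUser = FALSE
End If
Err.Clear

' Test user on a machine outside the Test desktops OU: show the notice, then log off
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
     sRunner = oshell.run ("Nologon.exe",false)
     WScript.Sleep 5000
     sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
     wscript.quit(1)
End If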

Cheers

JamesDS

Author Comment

by:youre1m
ID: 12337298
Ok, below is what I've found that works, but you can have the points for effort, couldn't get your solution to work.

'strUserOU and strCompOU are set elsewhere in the script (not shown in this post)

'Determine whether user is a test user

bTestUser = FALSE

If strUserOU = "test" then
      bTestUser = TRUE
end if

'Determine whether machine is a test machine

bTestMachine = FALSE
If strCompOU = "test machine" then
      bTestMachine = TRUE
end if

'Test user on a non-test machine: show the notice, then log off
If bTestUser = TRUE and bTestMachine = FALSE then
      sRunner = oshell.run ("Nologon.exe",false)
      WScript.Sleep 5000
      sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
      wscript.quit(1)
end if
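
Added example, not part of any post in this thread: one way to make the same check without binding to a guessed object path is to read the user and computer distinguished names from ADSystemInfo and compare their parent containers. The DC=example,DC=intra suffix, the constant names and the helper functions are assumptions; the OU names and the logoff command line are the ones used in the thread.

```vbscript
Option Explicit
' Added example. Placeholder domain: replace DC=example,DC=intra with the real one.
Const TEST_USER_OU = "OU=Test,OU=Departments,DC=example,DC=intra"
Const TEST_MACHINE_OU = "OU=Test,OU=Desktops,DC=example,DC=intra"

' Return the parent container of a DN. A comma escaped as "\," (or "\2C")
' belongs to the name itself and must not be treated as a separator.
Function ParentOfDN(sDN)
    Dim i, ch
    ParentOfDN = ""
    i = 1
    Do While i <= Len(sDN)
        ch = Mid(sDN, i, 1)
        If ch = "\" Then
            i = i + 1                      ' skip the escaped character
        ElseIf ch = "," Then
            ParentOfDN = Mid(sDN, i + 1)   ' everything after the first RDN
            Exit Function
        End If
        i = i + 1
    Loop
End Function

' True only when the object sits directly in sOU (DN comparison ignores case).
Function IsDirectlyInOU(sDN, sOU)
    IsDirectlyInOU = (StrComp(ParentOfDN(sDN), sOU, vbTextCompare) = 0)
End Function

Dim oSysInfo, oShell, bTestUser, bTestMachine
Set oSysInfo = CreateObject("ADSystemInfo")   ' DNs of the current user and computer
Set oShell = CreateObject("WScript.Shell")

bTestUser = IsDirectlyInOU(oSysInfo.UserName, TEST_USER_OU)
bTestMachine = IsDirectlyInOU(oSysInfo.ComputerName, TEST_MACHINE_OU)

If bTestUser And Not bTestMachine Then
    ' Leave a warning (type 2) in the Application log so refused logons can be reviewed
    oShell.LogEvent 2, "Logon script: " & oSysInfo.UserName & _
        " is a Test OU user on non-test machine " & oSysInfo.ComputerName
    oShell.Run "logoff.exe /N /F", 0, True    ' same command line as in the thread, window hidden
    WScript.Quit 1
End If
```

A logon script only runs once the session already exists, so this check is a convenience rather than an enforcement point. Where the restriction must hold, pair it with a "Deny log on locally" user rights assignment applied by Group Policy to the non-test desktop OUs.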

Expert Comment

by:JamesDS
ID: 12337556
youre1m

Odd that it fails for you, it works fine here when I mod it for my domain.
Nevertheless, thanks for the points and I'm glad you got it sorted.

Cheers

JamesDS