We run a single login script in our W2K environment at the top level for users, this script performs various actions depending upon group memberships (map drives etc). I need to add a section to the script to perform the following actions:
Check if the user logging on is a member of the Test OU within user departments.
If so ensure the machine they are logging on to is a member of the Desktops\Test OU.
If the machine is from any other OU the users should be logged off.
Here's what I've tried, but it seems to log everyone off, no matter what. Help greatly appreciated. Variables are set further up the script for DIM settings, domain name etc.
'Don't allow Test users to log on to non test machines
Set sMachineOU = GetObject ("LDAP://cn="&sComputerName&",ou=Test,ou=Desktops,DC="&sDomain&",DC=intra")
bFoundTestMachine = TRUE
If Err.Number = E_ADS_OBJECT_NOT_FOUND Then
bFoundTestMachine = FALSE
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",ou=Test,ou=Departments,DC="&sDomain&",DC=intra")
bFoundTestUser = TRUE
If Err.Number = E_ADS_OBJECT_NOT_FOUND Then
bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
Oops, missing that "then" statement!
Try this
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number <> 0 then bFoundTestMachine = FALSE
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number <> 0 then bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
Cheers
JamesDS