Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.
Course Of The Month
6 days, 22 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Wscript - Check machine OU membership
Posted on 2004-09-22
We run a single login script in our W2K environment at the top level for users, this script performs various actions depending upon group memberships (map drives etc). I need to add a section to the script to perform the following actions:
Check if the user logging on is a member of the Test OU within user departments.
If so ensure the machine they are logging on to is a member of the Desktops\Test OU.
If the machine is from any other OU the users should be logged off.
Here's what I've tried, but it seems to log everyone off, no matter what. Help greatly appreciated. Variables are set further up the script for DIM settings, domain name etc.
'Don't allow Test users to log on to non test machines
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number = E_ADS_OBJECT_NOT_FOUND Then
bFoundTestMachine = FALSE
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number = E_ADS_OBJECT_NOT_FOUND Then
bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
Check if the user logging on is a member of the Test OU within user departments.
If so ensure the machine they are logging on to is a member of the Desktops\Test OU.
If the machine is from any other OU the users should be logged off.
Here's what I've tried, but it seems to log everyone off, no matter what. Help greatly appreciated. Variables are set further up the script for DIM settings, domain name etc.
'Don't allow Test users to log on to non test machines
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number = E_ADS_OBJECT_NOT_FOUND Then
bFoundTestMachine = FALSE
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number = E_ADS_OBJECT_NOT_FOUND Then
bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
3
-
3
6 Comments
PS. Nologon.exe is a self written .exe that displays a message explaining to the user what is happening, stored within netlogon share.
youre1m
Try this:
'Don't allow Test users to log on to non test machines
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number <> 0 bFoundTestMachine = FALSE
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number <> 0 then bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
Cheers
JamesDS
Try this:
'Don't allow Test users to log on to non test machines
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number <> 0 bFoundTestMachine = FALSE
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number <> 0 then bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
Cheers
JamesDS
James,
Sorry about the long delay, I've been working on something else for a while.
I have tried to use your script but get an error message stating a "then" was expected on the line I have put a * next to below. I have tried adding a then but still get the same error message. Any ideas??
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number <> 0 bFoundTestMachine = FALSE *
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number <> 0 then bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
Sorry about the long delay, I've been working on something else for a while.
I have tried to use your script but get an error message stating a "then" was expected on the line I have put a * next to below. I have tried adding a then but still get the same error message. Any ideas??
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number <> 0 bFoundTestMachine = FALSE *
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number <> 0 then bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
youre1m
Oops, missing that "then" statement!
Try this
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number <> 0 then bFoundTestMachine = FALSE
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number <> 0 then bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
Cheers
JamesDS
Oops, missing that "then" statement!
Try this
Set sMachineOU = GetObject ("LDAP://cn="&sComputerNam
bFoundTestMachine = TRUE
If Err.Number <> 0 then bFoundTestMachine = FALSE
end if
Set oTestUser = GetObject ("LDAP://cn="&sUserName&",
bFoundTestUser = TRUE
If Err.Number <> 0 then bFoundTestUser = FALSE
end if
If bFoundTestUser = TRUE and bFoundTestMachine = FALSE Then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Err.Clear
Cheers
JamesDS
Ok, below is what I've found that works, but you can have the points for effort, couldn't get your solution to work.
'Determine whether user is a test User
bTestUser = FALSE
If strUserOU = "test" then
bTargetuser = TRUE
end if
'Determine Whether machine is in Target Training machine
bTargetMachine = FALSE
If strCompOU = "test machine" then
bTestMachine = TRUE
end if
If bTestuser = TRUE and bTestMachine = FALSE then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
'Determine whether user is a test User
bTestUser = FALSE
If strUserOU = "test" then
bTargetuser = TRUE
end if
'Determine Whether machine is in Target Training machine
bTargetMachine = FALSE
If strCompOU = "test machine" then
bTestMachine = TRUE
end if
If bTestuser = TRUE and bTestMachine = FALSE then
sRunner = oshell.run ("Nologon.exe",false)
WScript.Sleep 5000
sRunner = oshell.run ("logoff.exe /N /F", HIDE_WINDOW ,TRUE)
wscript.quit(1)
end if
Featured Post
Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month6 days, 22 hours left to enroll
724 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.