lucid911
asked on
Map drives based on (domain) group membership
WHat I want to do is have one script run at login for all users which will query AD for group membership and map the correct drives for each group.
IE
user logs in
script gets all users group membership
Say user is a member of domain users, gp1, and gp2,
Script runs logon part
If member gp1 ///maps this
map \\server\share
:next
If member gp99 ///dosent map this
map \\server\share
:next
etc
Ive tried using the Ifmember exe on the 2000 res kit but it dosent seem to work half the time.
A possibility is the script below but I cant get it to work properly. It will get the local username and echo this back (for testing) this part works. If you look at the strUser ="cn=administrator," you will note I need to change this to the variable USERNAME which dosent seem to work for me because even if I change strUser ="cn=administrator," to for example strUser ="cn=admin," the script errors out.
Can anyone fix my script or suggest a better way?
' UsermemberOf Adv.vbs
' To list the groups to which the administrator is a memberOf
' Author Guy Thomas http://computerperformance.co.uk/
' Version 2.3 - May 2005
' --------------------------
Option Explicit
Dim objRootLDAP, objGroup, objUser, objOU, objmemberOf
Dim strOU, strUser, strDNSDomain, strLDAP, strList, USERNAME
Dim arrGroup
Dim objShell, WshShell, WshSysEnv, ComputerName, out, FSO, filesys, filetxt, Date
Dim strDriveLetter1, strNewName1, strDriveLetter2, strNewName2
Set WshShell = WScript.CreateObject("WScr
Set WshSysEnv = WshShell.Environment("PROC
Set fso = CreateObject("Scripting.Fi
USERNAME = WshSysEnv.Item("USERNAME")
WScript.Echo "Username is " & USERNAME
' Commands to bind to AD and extract domain name
Set objRootLDAP = GetObject("LDAP://RootDSE"
strDNSDomain = objRootLDAP.Get("DefaultNa
' Build the LDAP DN from strUser, strOU and strDNSDomain
strList ="------------------------
strUser ="cn=administrator,"
strOU ="CN=Users,"
strLDAP ="LDAP://" & strUser & strOU & strDNSDomain
Set objUser = GetObject(strLDAP)
' Heart of the script, extract a list of Groups from memberOf
objmemberOf = objUser.GetEx("memberOf")
For Each objGroup in objmemberOf
objGroup = Mid(objGroup, 4, 330)
arrGroup = Split(objGroup, "," )
strList = strList & arrGroup(0) & vbcr
Next
' Additional section to find the primary group.
If objUser.primaryGroupID = 513 Then
strList = strList & vbCr & "Primary Group: " _
& vbCr & "Domain Users" & vbCr
Else If objUser.primaryGroupID = 515 Then
strList = strList & "Domain Computers"
Else strList = strList & "Maybe a Domain Controller"
End If
End If
WScript.Echo "Groups for " & Mid(strUser, 4, 99) & vbCr & strList
WSCript.Quit
' End of Sample User memberOf and primaryGroupID VBScript
IE
user logs in
script gets all users group membership
Say user is a member of domain users, gp1, and gp2,
Script runs logon part
If member gp1 ///maps this
map \\server\share
:next
If member gp99 ///dosent map this
map \\server\share
:next
etc
Ive tried using the Ifmember exe on the 2000 res kit but it dosent seem to work half the time.
A possibility is the script below but I cant get it to work properly. It will get the local username and echo this back (for testing) this part works. If you look at the strUser ="cn=administrator," you will note I need to change this to the variable USERNAME which dosent seem to work for me because even if I change strUser ="cn=administrator," to for example strUser ="cn=admin," the script errors out.
Can anyone fix my script or suggest a better way?
' UsermemberOf Adv.vbs
' To list the groups to which the administrator is a memberOf
' Author Guy Thomas http://computerperformance.co.uk/
' Version 2.3 - May 2005
' --------------------------
Option Explicit
Dim objRootLDAP, objGroup, objUser, objOU, objmemberOf
Dim strOU, strUser, strDNSDomain, strLDAP, strList, USERNAME
Dim arrGroup
Dim objShell, WshShell, WshSysEnv, ComputerName, out, FSO, filesys, filetxt, Date
Dim strDriveLetter1, strNewName1, strDriveLetter2, strNewName2
Set WshShell = WScript.CreateObject("WScr
Set WshSysEnv = WshShell.Environment("PROC
Set fso = CreateObject("Scripting.Fi
USERNAME = WshSysEnv.Item("USERNAME")
WScript.Echo "Username is " & USERNAME
' Commands to bind to AD and extract domain name
Set objRootLDAP = GetObject("LDAP://RootDSE"
strDNSDomain = objRootLDAP.Get("DefaultNa
' Build the LDAP DN from strUser, strOU and strDNSDomain
strList ="------------------------
strUser ="cn=administrator,"
strOU ="CN=Users,"
strLDAP ="LDAP://" & strUser & strOU & strDNSDomain
Set objUser = GetObject(strLDAP)
' Heart of the script, extract a list of Groups from memberOf
objmemberOf = objUser.GetEx("memberOf")
For Each objGroup in objmemberOf
objGroup = Mid(objGroup, 4, 330)
arrGroup = Split(objGroup, "," )
strList = strList & arrGroup(0) & vbcr
Next
' Additional section to find the primary group.
If objUser.primaryGroupID = 513 Then
strList = strList & vbCr & "Primary Group: " _
& vbCr & "Domain Users" & vbCr
Else If objUser.primaryGroupID = 515 Then
strList = strList & "Domain Computers"
Else strList = strList & "Maybe a Domain Controller"
End If
End If
WScript.Echo "Groups for " & Mid(strUser, 4, 99) & vbCr & strList
WSCript.Quit
' End of Sample User memberOf and primaryGroupID VBScript
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks again