Solved

Logon script that can tell if users have permissions

Posted on 2006-07-10
4
170 Views
Last Modified: 2012-05-05
Hi all,

I am looking for another scripting method or perhaps some already time tested scripts that will allow me to do the following:

I want to map every possible drive we use for all users however I want the script to be able to tell if they have permission or not and if they do not then i want the script not to map the drive.

Is this possible? if not is there another way to do it?

Summary:

A logon script will only map the a drive to a network share that a user has permission to access.

Thanks

CyberIDentity
0
Comment
Question by:CyberIDentity
4 Comments
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 100 total points
ID: 17079093
This is easy - use IFMEMBER and check for their presence in a security group.  (You do assign permissions via groups, right)?

0
 
LVL 29

Accepted Solution

by:
mass2612 earned 300 total points
ID: 17079104
leew is correct. This is how I used to handle this process i.e.

ifmember "group name"
if errorlevel 1 goto Group_Map
:Group_Map
net use g: \\servername\sharename

ifmember "group name 2"
if errorlevel 1 goto Group_Map2
:Group_Map2
net use g: \\servername\othersharename

elc....

0
 
LVL 43

Assisted Solution

by:Steve Knight
Steve Knight earned 100 total points
ID: 17079420
Or use DFS.  Create a DFS root and links to all the shares under it.  Users have one drive mapped to the DFS root with all the share underneath and will only be able to access what the permissions allow.

Other than that big long list of ifmember.exe in batch file or a VBS script etc.

I thought you might be able to do something like:

net use \\server\share
if errorlevel 1 net use x: /delete
if not exist x:\nul net use x: /delete

But of course you can still map a share and even attempt to run a dir of the drive etc. without any error. It is only when you try and write to the share or read a specific files that it fails.  As users may not have  write permissions in the root of a share you can't write a test file to check the rights.  You could make sure there is a specific file in the root of every share you could check for and if you can't find it then delete the mapping but that is messy.  Checking permissions on the fly in a login script with CACLS etc. can only be slow and open to errors.

ifmember or DFS looks like the way to go.

Steve
0
 
LVL 1

Author Comment

by:CyberIDentity
ID: 17086869
Hi all,

Thanks for the replies.

Yes i do use groups to determine who gets access to the shared resources.

I have accepted mass2612's answer as they provided an example, lew and dragon get an assist, I appreciate all your responses :)

Thanks all.

CyberIDentity

0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing MS Windows 2003 Server product key 6 327
How to NTBackup if SQL Server running? 6 903
Making a spare domain pc 12 325
Change port for terminal servers (2000 and 2003) 3 157
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question