Solved

VBS LOGIN SCRIPT DOES NOT WORK

Posted on 2007-11-28
25
637 Views
Last Modified: 2013-12-23
I have developed a VBS script that works just fine if you the Enterprise Admin, but does not seem to work for anyone else. Can someone tell me what needs to be changed so this works for everyone?
Set WshNetwork = WScript.CreateObject("WScript.Network")

strUser = WshNetwork.UserName

On Error Resume Next

'************************************************

'CREATE TEMP FOLDER ON CLIENT COMPUTER

'************************************************

'Option Explicit

Dim objFSO, objFolder, strDirectory

strDirectory = "c:\TEMP" 

Set objFSO = CreateObject("Scripting.FileSystemObject")

Set objFolder = objFSO.CreateFolder(strDirectory)

'WScript.Echo "Just created " & strDirectory 

'************************************************

'SET TEMP FOLDER RIGHTS CLIENT COMPUTER

'************************************************

Set objShell=CreateObject("Wscript.shell")

With objShell

  .Run "cmd /c cacls c:\temp /e /g Administrator:F", 0

  .Run "cmd /c cacls c:\temp /e /g Administrators:F", 0

  .Run "cmd /c cacls c:\temp /e /g " & chr(34) & "Authenticated Users" & chr(34) & ":C", 0

  .Run "cmd /c cacls c:\temp /e /g " & chr(34) & "Creator Owner" & chr(34) & ":F", 0

  .Run "cmd /c cacls c:\temp /e /g SYSTEM:F", 0

  .Run "cmd /c cacls c:\temp /e /g Users:C", 0

end with

'************************************************

'DELETE ALL MAPPED DRIVES

'************************************************

set Net = CreateObject("Wscript.Network")

set Drives = Net.EnumNetworkDrives

for each item in Drives

  if right(item,1) = ":" then

         Net.RemoveNetworkDrive item

end if

next

'************************************************

'DELETE ALL NETWORK PRINTERS

'************************************************

'Set clPrinters = WshNetwork.EnumPrinterConnections

'On Error Resume Next

'For i = 0 to clPrinters.Count - 1 Step 2

'wshNetwork.RemovePrinterConnection clPrinters.Item(i+1), true

'next

'************************************************

'DELETE ALL LOCAL PRINTERS EXCEPT NAMED PRINTERS

'************************************************

'strComputer = "."

'Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

'Set colInstalledPrinters =  objWMIService.ExecQuery _

'    ("Select * from Win32_Printer Where Network = FALSE")

'For Each objPrinter in colInstalledPrinters

'If objPrinter.Name = "V_CD_HP5550" or objPrinter.Name = "V_STU_HP6P" or objPrinter.Name = "V_IT_E1280" or objPrinter.Name = "LEADTOOLS ePrint IV" or objPrinter.Name = "SnagIt 8" or objPrinter.Name = "Evolis Pebble" or objPrinter.Name = "eCopy Desktop 9.0 Printer" or objPrinter.Name = "Microsoft XPS Document Writer" or objPrinter.Name = "Microsoft Office Document Image Writer" or objPrinter.Name = "Adobe PDF" then

'strdelete = false

'else

'objPrinter.Delete_

'end if 

'next

'************************************************

'MAP DRIVES & PRINTERS BASED ON GROUP MEMBERSHIP

'************************************************

On Error Resume Next
 

Dim fso

Set fso = CreateObject("Scripting.FileSystemObject")

Set objSysInfo = CreateObject("ADSystemInfo")

Set objNetwork = CreateObject("Wscript.Network")
 

strUserPath = "LDAP://" & objSysInfo.UserName

Set objUser = GetObject(strUserPath)
 

For Each strGroup in objUser.MemberOf

    strGroupPath = "LDAP://" & strGroup

    Set objGroup = GetObject(strGroupPath)

    strGroupName = objGroup.CN
 

 Select Case strGroupName
 

Case "NetOps"

'************************************************

'COPY WALLPAPER TO CLIENT COMPUTER

'************************************************

		'Change to 1 if you want it to overwrite

		fso.CopyFile "\\SVR-1\netlogon\netops.jpg", "c:\temp\netops.jpg", -0

		fso.CopyFile "\\SVR-1\netlogon\netops.bgi", "c:\temp\netops.bgi", -1

		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0

		Set fs = Nothing

		Set WSHShell = CreateObject("Wscript.Shell")

		WSHShell.Run ("\\SVR-1\netlogon\netopsbgi.bat"), 0

'************************************************

'MAP NETWORK SHARES

'************************************************

		objNetwork.MapNetworkDrive "I:", "\\SVR-1\RGM32"

		objNetwork.MapNetworkDrive "O:", "\\SVR-3\D$"

		objNetwork.MapNetworkDrive "P:", "\\SVR-3\E$"

		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\Shares"

		objNetwork.MapNetworkDrive "V:", "\\SVR-2\public\ID Badges"

		objNetwork.MapNetworkDrive "W:", "\\SVR-3\Work Files"

		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"

		objNetwork.MapNetworkDrive "Y:", "\\SVR-1\prof-staff$"

		objNetwork.MapNetworkDrive "Z:", "\\SVR-2\it\Installs"

'************************************************

'MAP NETWORK PRINTERS

'************************************************

		Set WshNetwork = CreateObject("WScript.Network")

		PrinterPath = "\\SVR-1\V-iRC6800"

		PrinterDriver = "Canon iR C6800 PCL5c"

		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver

		'WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 

		Set WshNetwork = CreateObject("WScript.Network")

		PrinterPath = "\\SVR-1\V-FD-1320"

		PrinterDriver = "hp LaserJet 1320 PCL 6"

		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 

		Set WshNetwork = CreateObject("WScript.Network")

		PrinterPath = "\\SVR-1\V-FA-1300"

		PrinterDriver = "hp LaserJet 1300 PCL 6"

		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver

        

Case "Management"

'************************************************

'COPY WALLPAPER TO CLIENT COMPUTER

'************************************************

		'Change to 1 if you want it to overwrite

		fso.CopyFile "\\SVR-1\netlogon\management.jpg", "c:\temp\management.jpg", -0

		fso.CopyFile "\\SVR-1\netlogon\management.bgi", "c:\temp\management.bgi", -1

		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0

		Set fs = Nothing

		Set WSHShell = CreateObject("Wscript.Shell")

		WSHShell.Run ("\\SVR-1\netlogon\managementbgi.bat"), 0

'************************************************

'MAP NETWORK SHARES

'************************************************

		objNetwork.MapNetworkDrive "I:", "\\SVR-1\Rgm32"

		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\SHARES"

		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"

'************************************************

'MAP NETWORK PRINTERS

'************************************************

		Set WshNetwork = CreateObject("WScript.Network")

		PrinterPath = "\\SVR-1\V-iRC6800"

		PrinterDriver = "Canon iR C6800 PCL5c"

		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver

		' WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 

		Set WshNetwork = CreateObject("WScript.Network")

		PrinterPath = "\\SVR-1\V_FD_1320"

		PrinterDriver = "hp LaserJet 1320 PCL 6"

		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 

		Set WshNetwork = CreateObject("WScript.Network")

		PrinterPath = "\\SVR-1\V_FA_1300"

		PrinterDriver = "hp LaserJet 1300 PCL 6"

		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 

Case "Staff"

'************************************************

'COPY WALLPAPER TO CLIENT COMPUTER

'************************************************

		'Change to 1 if you want it to overwrite

		fso.CopyFile "\\SVR-1\netlogon\staff.jpg", "c:\temp\staff.jpg", -0

		fso.CopyFile "\\SVR-1\netlogon\staff.bgi", "c:\temp\staff.bgi", -1

		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0

		Set fs = Nothing

		Set WSHShell = CreateObject("Wscript.Shell")

		WSHShell.Run ("\\SVR-1\netlogon\staffbgi.bat"), 0

'************************************************

'MAP NETWORK SHARES

'************************************************

		objNetwork.MapNetworkDrive "I:", "\\SVR-1\Rgm32"

		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\SHARES"

		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"

'************************************************

'MAP VAN NETWORK PRINTERS

'************************************************

		Set WshNetwork = CreateObject("WScript.Network")

		PrinterPath = "\\SVR-1\V-iRC6800"

		PrinterDriver = "Canon iR C6800 PCL5c"

		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver

		' WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 

		Set WshNetwork = CreateObject("WScript.Network")

		PrinterPath = "\\SVR-1\V_FD_1320"

		PrinterDriver = "hp LaserJet 1320 PCL 6"

		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 

	End Select
 

Next

'************************************************

'Map Special Drives By User ID 

'************************************************

'MsgBox(struser)

If InStr(strUser, "sharon.dugan") Then

WshNetwork.MapNetworkDrive "W:", "\\SVR-3\Work Files"
 

End If
 

'MsgBox(struser)

If InStr(strUser, "zed.meyers") Then

WshNetwork.MapNetworkDrive "Q:", "\\haw-0001\quickbooks$"
 

End If
 

'MsgBox(struser)

'If InStr(strUser, "rosleen.aurora") Then

'WshNetwork.MapNetworkDrive "T:", "\\H-fadir\EDConn"

'WshNetwork.MapNetworkDrive "U:", "\\H-fadir\ED"
 

'End If
 

'************************************************

'Numlock On 

'************************************************

set WshShell = CreateObject("WScript.Shell")

WshShell.SendKeys "{NUMLOCK}" 
 

WScript.Quit

Open in new window

0
Comment
Question by:Lazarus
  • 14
  • 10
25 Comments
 
LVL 21

Expert Comment

by:from_exp
ID: 20368840
do users have permissions to access this file?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20368854
Can I recommend that you put some debugging info into the script, also break it down into sections to test.  If you save this reduced script in the NETLOGON folder, you will be able to access it from any client.

Then, as a low-privilege user, start Command Prompt and use CSCRIPT to run the script.  Remove the "On Error Resume Next" so that you get error messages, but wrap sections that might legitimately cause errors in "On Error Resume Next"/"On Error Goto 0" pairs so that those continue successfully.

It may be your Active Directory query that is the problem, but let's focus the issue rather than trying to answer hypothetical possibilities.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20368956
The users are able to run the script from the NETLOGON folder yes, and the script runs thru, but does not run the 'MAP DRIVES & PRINTERS BASED ON GROUP MEMBERSHIP section. Everything else works for non Enterprise Admins
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20368994
Try augmenting the script with some debug info, such as:
  WScript.Echo "Group: "  & strGroupName & vbCrLf

Find out exactly what isn't working, and using this method you'll find out why.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369019
With "On Error Resume Next" removed I get an error at line 70 character 1, object not a collection.

Will try the "WScript.Echo "Group: "  & strGroupName & vbCrLf" next
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369031
Where should I place that snippet of code?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20369081
Sounds like the group membership of the requested user is not accessible.

You may also want to check the permissions in Active Directory.  Do your users have access to enumerate group memberships?
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369120
I placed your code in there and it comes up with Group: "BLANK"
How do I check to figure out the membership enumeration?
Thats something I've never had to deal with, but I learn...
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369132
Or better yet, how do I grant it for the script only?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20369135
The code can go on any line.  Most things can be written as strings, so just change strGroupName and the prefix to whatever is useful.

I recommend that you put a whole bunch of these, with different number prefixes, so you can see exactly where your code goes for the user.

If you put them before the line causing the error, you can see what the script can see, by showing the user's details or anything else.

Perhaps also check that the GetObject line has returned an object.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20369173
I'm assuming you don't have a group called BLANK?!  Actually, I know some reasons why such groups DO exist!  Let me know.

Next question is whether the user is a member of any groups.  If the MemberOf property is not a legitimate collection, then the For Each will fail.  Since this is an exceptional case, it may make sense to wrap an On Error pairing around the for each, that way the script will continue after the For Each block in the error case.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369180
I'm a bit weak in VBS scripting.

Putting the code "WScript.Echo "Object: "  & strGroupPath & vbCrLf" gives me back LDAP://

Another other help? I seem a bit lost (A LOT LOST)
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 20

Author Comment

by:Lazarus
ID: 20369196
Yes, the user is a member of "Faculty" and a Domain User. The BLANK was just that nothing, like you thought.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20369243
Try adjusting it with an If Then block as follows.  Remember to terminate the block.
For Each strGroup in objUser.MemberOf

    strGroupPath = "" & strGroup ' this forces strGroup to a string

    If strGroupPath <> "" Then

       strGroupPath = "LDAP://" & strGroup

       Set objGroup = GetObject(strGroupPath)

       strGroupName = objGroup.CN
 

    ...
 

    End If

Open in new window

0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369506
OK, after doing that I still get the same thing, so perhaps it's an enumeration problem?
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369859
So how do I allow the script to enumerate the Users Group properly?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20373332
You can use the following code to see an error, after any statement:

If Err.Number <> 0 Then
      WScript.Echo Err.Description
end if

I don't think "memberOf" is being retrieved correctly.  Am not currently sure why.  Will investigate when I have time.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20381343
Try the following:
http://msdn2.microsoft.com/en-us/library/aa746340.aspx

Use the objUser.Groups item

I can't test this as I'm not a member of any groups.  Note that it does not appear to return membership of the primary group, but I've seen this behaviour documented elsewhere and I don't think it'll affect your needs.
For Each objGroup in objUser.Groups

   WScript.Echo objGroup.Name

Next

Open in new window

0
 
LVL 20

Author Comment

by:Lazarus
ID: 20384673
I'll look into this over the weekend and get back to you.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20392393
Nope that didn't do anything either. It's simply coming down to a security issue with polices that will not let non admins enumerate a group. So I'll either have to fix that or try another way of scripting this. Thanks for trying though.
0
 
LVL 19

Accepted Solution

by:
SteveH_UK earned 500 total points
ID: 20394011
Try running the command:

net user /domain

at a command prompt.  If you can see the information about the users groups, you may have more success using the WinNT provider rather than using LDAP with ADSI.  See:

http://msdn2.microsoft.com/en-us/library/aa772316.aspx

I'm surprised that you are not actually receiving a "you do not have permissions" type of error.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20396446
I was able to figure out a way around everything by using a different method to pull the groups. I'll attach the code snippet
Option Explicit ' Force explicit declarations

Dim WSHNetwork

Dim FSO

Dim strUserName ' Current user

Dim strUserDomain ' Current User's domain name

Dim ObjGroupDict ' Dictionary of groups to which the user belongs

Dim WshShell
 

Set WSHNetwork = WScript.CreateObject("WScript.Network")

Set FSO = CreateObject("Scripting.FileSystemObject")

set wshShell = CreateObject("Wscript.Shell")
 

strUserName = ""

While strUserName = ""

strUserName = WSHNetwork.UserName

Wend

strUserDomain = WSHNetwork.UserDomain
 

Set ObjGroupDict = CreateMemberOfObject(strUserDomain, strUserName)

If MemberOf(ObjGroupDict, "ITTECH") Then

WshNetwork.MapNetworkDrive "N:", "\\SVR1\INSTALLS"
 

ElseIf MemberOf(ObjGroupDict, "STAFF") Then

WshNetwork.MapNetworkDrive "N:", "\\SVR1\SHARES"
 

Else 

'Nothing

End If
 

Function MemberOf(ObjDict, strKey)

MemberOf = CBool(ObjGroupDict.Exists(strKey))
 

End Function
 

Function CreateMemberOfObject(strDomain, strUserName)
 

Dim objUser, objGroup
 

Set CreateMemberOfObject = CreateObject("Scripting.Dictionary")

CreateMemberOfObject.CompareMode = vbTextCompare

Set objUser = GetObject("WinNT://" _

& strDomain & "/" _

& strUserName & ",user")

For Each objGroup In objUser.Groups

CreateMemberOfObject.Add objGroup.Name, "-"

Next

Set objUser = Nothing
 

End Function

Open in new window

0
 
LVL 20

Author Comment

by:Lazarus
ID: 20396479
Wish I could have made the code simpler, But I'm not all that with coding VB Scripts.
Perhaps someone has an idea on how to tighten that code?

But at least I have it working now.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20396940
So looks like you used the WinNT provider as I suggested, then.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20397294
Well, yeah it sort looks that way. But I had to dig pretty hard to get this code to work for sure...
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Trasfering FSMO roles 8 96
Connecting two servers 30 76
Unexpected Windows system folders on D drive 16 73
Auto Login Script 3 20
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now