Solved

VBS LOGIN SCRIPT DOES NOT WORK

Posted on 2007-11-28
25
639 Views
Last Modified: 2013-12-23
I have developed a VBS script that works just fine if you the Enterprise Admin, but does not seem to work for anyone else. Can someone tell me what needs to be changed so this works for everyone?
Set WshNetwork = WScript.CreateObject("WScript.Network")
strUser = WshNetwork.UserName
On Error Resume Next
'************************************************
'CREATE TEMP FOLDER ON CLIENT COMPUTER
'************************************************
'Option Explicit
Dim objFSO, objFolder, strDirectory
strDirectory = "c:\TEMP" 
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFolder = objFSO.CreateFolder(strDirectory)
'WScript.Echo "Just created " & strDirectory 
'************************************************
'SET TEMP FOLDER RIGHTS CLIENT COMPUTER
'************************************************
Set objShell=CreateObject("Wscript.shell")
With objShell
  .Run "cmd /c cacls c:\temp /e /g Administrator:F", 0
  .Run "cmd /c cacls c:\temp /e /g Administrators:F", 0
  .Run "cmd /c cacls c:\temp /e /g " & chr(34) & "Authenticated Users" & chr(34) & ":C", 0
  .Run "cmd /c cacls c:\temp /e /g " & chr(34) & "Creator Owner" & chr(34) & ":F", 0
  .Run "cmd /c cacls c:\temp /e /g SYSTEM:F", 0
  .Run "cmd /c cacls c:\temp /e /g Users:C", 0
end with
'************************************************
'DELETE ALL MAPPED DRIVES
'************************************************
set Net = CreateObject("Wscript.Network")
set Drives = Net.EnumNetworkDrives
for each item in Drives
  if right(item,1) = ":" then
         Net.RemoveNetworkDrive item
end if
next
'************************************************
'DELETE ALL NETWORK PRINTERS
'************************************************
'Set clPrinters = WshNetwork.EnumPrinterConnections
'On Error Resume Next
'For i = 0 to clPrinters.Count - 1 Step 2
'wshNetwork.RemovePrinterConnection clPrinters.Item(i+1), true
'next
'************************************************
'DELETE ALL LOCAL PRINTERS EXCEPT NAMED PRINTERS
'************************************************
'strComputer = "."
'Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
'Set colInstalledPrinters =  objWMIService.ExecQuery _
'    ("Select * from Win32_Printer Where Network = FALSE")
'For Each objPrinter in colInstalledPrinters
'If objPrinter.Name = "V_CD_HP5550" or objPrinter.Name = "V_STU_HP6P" or objPrinter.Name = "V_IT_E1280" or objPrinter.Name = "LEADTOOLS ePrint IV" or objPrinter.Name = "SnagIt 8" or objPrinter.Name = "Evolis Pebble" or objPrinter.Name = "eCopy Desktop 9.0 Printer" or objPrinter.Name = "Microsoft XPS Document Writer" or objPrinter.Name = "Microsoft Office Document Image Writer" or objPrinter.Name = "Adobe PDF" then
'strdelete = false
'else
'objPrinter.Delete_
'end if 
'next
'************************************************
'MAP DRIVES & PRINTERS BASED ON GROUP MEMBERSHIP
'************************************************
On Error Resume Next
 
Dim fso
Set fso = CreateObject("Scripting.FileSystemObject")
Set objSysInfo = CreateObject("ADSystemInfo")
Set objNetwork = CreateObject("Wscript.Network")
 
strUserPath = "LDAP://" & objSysInfo.UserName
Set objUser = GetObject(strUserPath)
 
For Each strGroup in objUser.MemberOf
    strGroupPath = "LDAP://" & strGroup
    Set objGroup = GetObject(strGroupPath)
    strGroupName = objGroup.CN
 
 Select Case strGroupName
 
Case "NetOps"
'************************************************
'COPY WALLPAPER TO CLIENT COMPUTER
'************************************************
		'Change to 1 if you want it to overwrite
		fso.CopyFile "\\SVR-1\netlogon\netops.jpg", "c:\temp\netops.jpg", -0
		fso.CopyFile "\\SVR-1\netlogon\netops.bgi", "c:\temp\netops.bgi", -1
		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0
		Set fs = Nothing
		Set WSHShell = CreateObject("Wscript.Shell")
		WSHShell.Run ("\\SVR-1\netlogon\netopsbgi.bat"), 0
'************************************************
'MAP NETWORK SHARES
'************************************************
		objNetwork.MapNetworkDrive "I:", "\\SVR-1\RGM32"
		objNetwork.MapNetworkDrive "O:", "\\SVR-3\D$"
		objNetwork.MapNetworkDrive "P:", "\\SVR-3\E$"
		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\Shares"
		objNetwork.MapNetworkDrive "V:", "\\SVR-2\public\ID Badges"
		objNetwork.MapNetworkDrive "W:", "\\SVR-3\Work Files"
		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"
		objNetwork.MapNetworkDrive "Y:", "\\SVR-1\prof-staff$"
		objNetwork.MapNetworkDrive "Z:", "\\SVR-2\it\Installs"
'************************************************
'MAP NETWORK PRINTERS
'************************************************
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-iRC6800"
		PrinterDriver = "Canon iR C6800 PCL5c"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
		'WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-FD-1320"
		PrinterDriver = "hp LaserJet 1320 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-FA-1300"
		PrinterDriver = "hp LaserJet 1300 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
        
Case "Management"
'************************************************
'COPY WALLPAPER TO CLIENT COMPUTER
'************************************************
		'Change to 1 if you want it to overwrite
		fso.CopyFile "\\SVR-1\netlogon\management.jpg", "c:\temp\management.jpg", -0
		fso.CopyFile "\\SVR-1\netlogon\management.bgi", "c:\temp\management.bgi", -1
		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0
		Set fs = Nothing
		Set WSHShell = CreateObject("Wscript.Shell")
		WSHShell.Run ("\\SVR-1\netlogon\managementbgi.bat"), 0
'************************************************
'MAP NETWORK SHARES
'************************************************
		objNetwork.MapNetworkDrive "I:", "\\SVR-1\Rgm32"
		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\SHARES"
		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"
'************************************************
'MAP NETWORK PRINTERS
'************************************************
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-iRC6800"
		PrinterDriver = "Canon iR C6800 PCL5c"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
		' WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V_FD_1320"
		PrinterDriver = "hp LaserJet 1320 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V_FA_1300"
		PrinterDriver = "hp LaserJet 1300 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 
Case "Staff"
'************************************************
'COPY WALLPAPER TO CLIENT COMPUTER
'************************************************
		'Change to 1 if you want it to overwrite
		fso.CopyFile "\\SVR-1\netlogon\staff.jpg", "c:\temp\staff.jpg", -0
		fso.CopyFile "\\SVR-1\netlogon\staff.bgi", "c:\temp\staff.bgi", -1
		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0
		Set fs = Nothing
		Set WSHShell = CreateObject("Wscript.Shell")
		WSHShell.Run ("\\SVR-1\netlogon\staffbgi.bat"), 0
'************************************************
'MAP NETWORK SHARES
'************************************************
		objNetwork.MapNetworkDrive "I:", "\\SVR-1\Rgm32"
		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\SHARES"
		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"
'************************************************
'MAP VAN NETWORK PRINTERS
'************************************************
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-iRC6800"
		PrinterDriver = "Canon iR C6800 PCL5c"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
		' WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V_FD_1320"
		PrinterDriver = "hp LaserJet 1320 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 
	End Select
 
Next
'************************************************
'Map Special Drives By User ID 
'************************************************
'MsgBox(struser)
If InStr(strUser, "sharon.dugan") Then
WshNetwork.MapNetworkDrive "W:", "\\SVR-3\Work Files"
 
End If
 
'MsgBox(struser)
If InStr(strUser, "zed.meyers") Then
WshNetwork.MapNetworkDrive "Q:", "\\haw-0001\quickbooks$"
 
End If
 
'MsgBox(struser)
'If InStr(strUser, "rosleen.aurora") Then
'WshNetwork.MapNetworkDrive "T:", "\\H-fadir\EDConn"
'WshNetwork.MapNetworkDrive "U:", "\\H-fadir\ED"
 
'End If
 
'************************************************
'Numlock On 
'************************************************
set WshShell = CreateObject("WScript.Shell")
WshShell.SendKeys "{NUMLOCK}" 
 
WScript.Quit

Open in new window

0
Comment
Question by:Lazarus
  • 14
  • 10
25 Comments
 
LVL 21

Expert Comment

by:from_exp
ID: 20368840
do users have permissions to access this file?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20368854
Can I recommend that you put some debugging info into the script, also break it down into sections to test.  If you save this reduced script in the NETLOGON folder, you will be able to access it from any client.

Then, as a low-privilege user, start Command Prompt and use CSCRIPT to run the script.  Remove the "On Error Resume Next" so that you get error messages, but wrap sections that might legitimately cause errors in "On Error Resume Next"/"On Error Goto 0" pairs so that those continue successfully.

It may be your Active Directory query that is the problem, but let's focus the issue rather than trying to answer hypothetical possibilities.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20368956
The users are able to run the script from the NETLOGON folder yes, and the script runs thru, but does not run the 'MAP DRIVES & PRINTERS BASED ON GROUP MEMBERSHIP section. Everything else works for non Enterprise Admins
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20368994
Try augmenting the script with some debug info, such as:
  WScript.Echo "Group: "  & strGroupName & vbCrLf

Find out exactly what isn't working, and using this method you'll find out why.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369019
With "On Error Resume Next" removed I get an error at line 70 character 1, object not a collection.

Will try the "WScript.Echo "Group: "  & strGroupName & vbCrLf" next
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369031
Where should I place that snippet of code?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20369081
Sounds like the group membership of the requested user is not accessible.

You may also want to check the permissions in Active Directory.  Do your users have access to enumerate group memberships?
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369120
I placed your code in there and it comes up with Group: "BLANK"
How do I check to figure out the membership enumeration?
Thats something I've never had to deal with, but I learn...
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369132
Or better yet, how do I grant it for the script only?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20369135
The code can go on any line.  Most things can be written as strings, so just change strGroupName and the prefix to whatever is useful.

I recommend that you put a whole bunch of these, with different number prefixes, so you can see exactly where your code goes for the user.

If you put them before the line causing the error, you can see what the script can see, by showing the user's details or anything else.

Perhaps also check that the GetObject line has returned an object.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20369173
I'm assuming you don't have a group called BLANK?!  Actually, I know some reasons why such groups DO exist!  Let me know.

Next question is whether the user is a member of any groups.  If the MemberOf property is not a legitimate collection, then the For Each will fail.  Since this is an exceptional case, it may make sense to wrap an On Error pairing around the for each, that way the script will continue after the For Each block in the error case.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369180
I'm a bit weak in VBS scripting.

Putting the code "WScript.Echo "Object: "  & strGroupPath & vbCrLf" gives me back LDAP://

Another other help? I seem a bit lost (A LOT LOST)
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369196
Yes, the user is a member of "Faculty" and a Domain User. The BLANK was just that nothing, like you thought.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20369243
Try adjusting it with an If Then block as follows.  Remember to terminate the block.
For Each strGroup in objUser.MemberOf
    strGroupPath = "" & strGroup ' this forces strGroup to a string
    If strGroupPath <> "" Then
       strGroupPath = "LDAP://" & strGroup
       Set objGroup = GetObject(strGroupPath)
       strGroupName = objGroup.CN
 
    ...
 
    End If

Open in new window

0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369506
OK, after doing that I still get the same thing, so perhaps it's an enumeration problem?
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20369859
So how do I allow the script to enumerate the Users Group properly?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20373332
You can use the following code to see an error, after any statement:

If Err.Number <> 0 Then
      WScript.Echo Err.Description
end if

I don't think "memberOf" is being retrieved correctly.  Am not currently sure why.  Will investigate when I have time.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20381343
Try the following:
http://msdn2.microsoft.com/en-us/library/aa746340.aspx

Use the objUser.Groups item

I can't test this as I'm not a member of any groups.  Note that it does not appear to return membership of the primary group, but I've seen this behaviour documented elsewhere and I don't think it'll affect your needs.
For Each objGroup in objUser.Groups
   WScript.Echo objGroup.Name
Next

Open in new window

0
 
LVL 20

Author Comment

by:Lazarus
ID: 20384673
I'll look into this over the weekend and get back to you.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20392393
Nope that didn't do anything either. It's simply coming down to a security issue with polices that will not let non admins enumerate a group. So I'll either have to fix that or try another way of scripting this. Thanks for trying though.
0
 
LVL 19

Accepted Solution

by:
SteveH_UK earned 500 total points
ID: 20394011
Try running the command:

net user /domain

at a command prompt.  If you can see the information about the users groups, you may have more success using the WinNT provider rather than using LDAP with ADSI.  See:

http://msdn2.microsoft.com/en-us/library/aa772316.aspx

I'm surprised that you are not actually receiving a "you do not have permissions" type of error.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20396446
I was able to figure out a way around everything by using a different method to pull the groups. I'll attach the code snippet
Option Explicit ' Force explicit declarations
Dim WSHNetwork
Dim FSO
Dim strUserName ' Current user
Dim strUserDomain ' Current User's domain name
Dim ObjGroupDict ' Dictionary of groups to which the user belongs
Dim WshShell
 
Set WSHNetwork = WScript.CreateObject("WScript.Network")
Set FSO = CreateObject("Scripting.FileSystemObject")
set wshShell = CreateObject("Wscript.Shell")
 
strUserName = ""
While strUserName = ""
strUserName = WSHNetwork.UserName
Wend
strUserDomain = WSHNetwork.UserDomain
 
Set ObjGroupDict = CreateMemberOfObject(strUserDomain, strUserName)
If MemberOf(ObjGroupDict, "ITTECH") Then
WshNetwork.MapNetworkDrive "N:", "\\SVR1\INSTALLS"
 
ElseIf MemberOf(ObjGroupDict, "STAFF") Then
WshNetwork.MapNetworkDrive "N:", "\\SVR1\SHARES"
 
Else 
'Nothing
End If
 
Function MemberOf(ObjDict, strKey)
MemberOf = CBool(ObjGroupDict.Exists(strKey))
 
End Function
 
Function CreateMemberOfObject(strDomain, strUserName)
 
Dim objUser, objGroup
 
Set CreateMemberOfObject = CreateObject("Scripting.Dictionary")
CreateMemberOfObject.CompareMode = vbTextCompare
Set objUser = GetObject("WinNT://" _
& strDomain & "/" _
& strUserName & ",user")
For Each objGroup In objUser.Groups
CreateMemberOfObject.Add objGroup.Name, "-"
Next
Set objUser = Nothing
 
End Function

Open in new window

0
 
LVL 20

Author Comment

by:Lazarus
ID: 20396479
Wish I could have made the code simpler, But I'm not all that with coding VB Scripts.
Perhaps someone has an idea on how to tighten that code?

But at least I have it working now.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20396940
So looks like you used the WinNT provider as I suggested, then.
0
 
LVL 20

Author Comment

by:Lazarus
ID: 20397294
Well, yeah it sort looks that way. But I had to dig pretty hard to get this code to work for sure...
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you see single cell contains number and text, and you have to get any date out of it seems like cracking our heads.
An article on effective troubleshooting
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question