VBS LOGIN SCRIPT DOES NOT WORK

I have developed a VBS script that works just fine if you the Enterprise Admin, but does not seem to work for anyone else. Can someone tell me what needs to be changed so this works for everyone?
Set WshNetwork = WScript.CreateObject("WScript.Network")
strUser = WshNetwork.UserName
On Error Resume Next
'************************************************
'CREATE TEMP FOLDER ON CLIENT COMPUTER
'************************************************
'Option Explicit
Dim objFSO, objFolder, strDirectory
strDirectory = "c:\TEMP" 
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFolder = objFSO.CreateFolder(strDirectory)
'WScript.Echo "Just created " & strDirectory 
'************************************************
'SET TEMP FOLDER RIGHTS CLIENT COMPUTER
'************************************************
Set objShell=CreateObject("Wscript.shell")
With objShell
  .Run "cmd /c cacls c:\temp /e /g Administrator:F", 0
  .Run "cmd /c cacls c:\temp /e /g Administrators:F", 0
  .Run "cmd /c cacls c:\temp /e /g " & chr(34) & "Authenticated Users" & chr(34) & ":C", 0
  .Run "cmd /c cacls c:\temp /e /g " & chr(34) & "Creator Owner" & chr(34) & ":F", 0
  .Run "cmd /c cacls c:\temp /e /g SYSTEM:F", 0
  .Run "cmd /c cacls c:\temp /e /g Users:C", 0
end with
'************************************************
'DELETE ALL MAPPED DRIVES
'************************************************
set Net = CreateObject("Wscript.Network")
set Drives = Net.EnumNetworkDrives
for each item in Drives
  if right(item,1) = ":" then
         Net.RemoveNetworkDrive item
end if
next
'************************************************
'DELETE ALL NETWORK PRINTERS
'************************************************
'Set clPrinters = WshNetwork.EnumPrinterConnections
'On Error Resume Next
'For i = 0 to clPrinters.Count - 1 Step 2
'wshNetwork.RemovePrinterConnection clPrinters.Item(i+1), true
'next
'************************************************
'DELETE ALL LOCAL PRINTERS EXCEPT NAMED PRINTERS
'************************************************
'strComputer = "."
'Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
'Set colInstalledPrinters =  objWMIService.ExecQuery _
'    ("Select * from Win32_Printer Where Network = FALSE")
'For Each objPrinter in colInstalledPrinters
'If objPrinter.Name = "V_CD_HP5550" or objPrinter.Name = "V_STU_HP6P" or objPrinter.Name = "V_IT_E1280" or objPrinter.Name = "LEADTOOLS ePrint IV" or objPrinter.Name = "SnagIt 8" or objPrinter.Name = "Evolis Pebble" or objPrinter.Name = "eCopy Desktop 9.0 Printer" or objPrinter.Name = "Microsoft XPS Document Writer" or objPrinter.Name = "Microsoft Office Document Image Writer" or objPrinter.Name = "Adobe PDF" then
'strdelete = false
'else
'objPrinter.Delete_
'end if 
'next
'************************************************
'MAP DRIVES & PRINTERS BASED ON GROUP MEMBERSHIP
'************************************************
On Error Resume Next
 
Dim fso
Set fso = CreateObject("Scripting.FileSystemObject")
Set objSysInfo = CreateObject("ADSystemInfo")
Set objNetwork = CreateObject("Wscript.Network")
 
strUserPath = "LDAP://" & objSysInfo.UserName
Set objUser = GetObject(strUserPath)
 
For Each strGroup in objUser.MemberOf
    strGroupPath = "LDAP://" & strGroup
    Set objGroup = GetObject(strGroupPath)
    strGroupName = objGroup.CN
 
 Select Case strGroupName
 
Case "NetOps"
'************************************************
'COPY WALLPAPER TO CLIENT COMPUTER
'************************************************
		'Change to 1 if you want it to overwrite
		fso.CopyFile "\\SVR-1\netlogon\netops.jpg", "c:\temp\netops.jpg", -0
		fso.CopyFile "\\SVR-1\netlogon\netops.bgi", "c:\temp\netops.bgi", -1
		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0
		Set fs = Nothing
		Set WSHShell = CreateObject("Wscript.Shell")
		WSHShell.Run ("\\SVR-1\netlogon\netopsbgi.bat"), 0
'************************************************
'MAP NETWORK SHARES
'************************************************
		objNetwork.MapNetworkDrive "I:", "\\SVR-1\RGM32"
		objNetwork.MapNetworkDrive "O:", "\\SVR-3\D$"
		objNetwork.MapNetworkDrive "P:", "\\SVR-3\E$"
		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\Shares"
		objNetwork.MapNetworkDrive "V:", "\\SVR-2\public\ID Badges"
		objNetwork.MapNetworkDrive "W:", "\\SVR-3\Work Files"
		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"
		objNetwork.MapNetworkDrive "Y:", "\\SVR-1\prof-staff$"
		objNetwork.MapNetworkDrive "Z:", "\\SVR-2\it\Installs"
'************************************************
'MAP NETWORK PRINTERS
'************************************************
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-iRC6800"
		PrinterDriver = "Canon iR C6800 PCL5c"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
		'WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-FD-1320"
		PrinterDriver = "hp LaserJet 1320 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-FA-1300"
		PrinterDriver = "hp LaserJet 1300 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
        
Case "Management"
'************************************************
'COPY WALLPAPER TO CLIENT COMPUTER
'************************************************
		'Change to 1 if you want it to overwrite
		fso.CopyFile "\\SVR-1\netlogon\management.jpg", "c:\temp\management.jpg", -0
		fso.CopyFile "\\SVR-1\netlogon\management.bgi", "c:\temp\management.bgi", -1
		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0
		Set fs = Nothing
		Set WSHShell = CreateObject("Wscript.Shell")
		WSHShell.Run ("\\SVR-1\netlogon\managementbgi.bat"), 0
'************************************************
'MAP NETWORK SHARES
'************************************************
		objNetwork.MapNetworkDrive "I:", "\\SVR-1\Rgm32"
		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\SHARES"
		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"
'************************************************
'MAP NETWORK PRINTERS
'************************************************
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-iRC6800"
		PrinterDriver = "Canon iR C6800 PCL5c"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
		' WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V_FD_1320"
		PrinterDriver = "hp LaserJet 1320 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V_FA_1300"
		PrinterDriver = "hp LaserJet 1300 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 
Case "Staff"
'************************************************
'COPY WALLPAPER TO CLIENT COMPUTER
'************************************************
		'Change to 1 if you want it to overwrite
		fso.CopyFile "\\SVR-1\netlogon\staff.jpg", "c:\temp\staff.jpg", -0
		fso.CopyFile "\\SVR-1\netlogon\staff.bgi", "c:\temp\staff.bgi", -1
		fso.CopyFile "\\SVR-1\netlogon\bginfo.exe", "c:\temp\bginfo.exe", -0
		Set fs = Nothing
		Set WSHShell = CreateObject("Wscript.Shell")
		WSHShell.Run ("\\SVR-1\netlogon\staffbgi.bat"), 0
'************************************************
'MAP NETWORK SHARES
'************************************************
		objNetwork.MapNetworkDrive "I:", "\\SVR-1\Rgm32"
		objNetwork.MapNetworkDrive "S:", "\\SVR-2\public\SHARES"
		objNetwork.MapNetworkDrive "X:", "\\SVR-2\public\TSQL"
'************************************************
'MAP VAN NETWORK PRINTERS
'************************************************
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V-iRC6800"
		PrinterDriver = "Canon iR C6800 PCL5c"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
		' WshNetwork.SetDefaultPrinter "\\SVR-1\V-iRC6800"
 
		Set WshNetwork = CreateObject("WScript.Network")
		PrinterPath = "\\SVR-1\V_FD_1320"
		PrinterDriver = "hp LaserJet 1320 PCL 6"
		WshNetwork.AddWindowsPrinterConnection PrinterPath, PrinterDriver
 
	End Select
 
Next
'************************************************
'Map Special Drives By User ID 
'************************************************
'MsgBox(struser)
If InStr(strUser, "sharon.dugan") Then
WshNetwork.MapNetworkDrive "W:", "\\SVR-3\Work Files"
 
End If
 
'MsgBox(struser)
If InStr(strUser, "zed.meyers") Then
WshNetwork.MapNetworkDrive "Q:", "\\haw-0001\quickbooks$"
 
End If
 
'MsgBox(struser)
'If InStr(strUser, "rosleen.aurora") Then
'WshNetwork.MapNetworkDrive "T:", "\\H-fadir\EDConn"
'WshNetwork.MapNetworkDrive "U:", "\\H-fadir\ED"
 
'End If
 
'************************************************
'Numlock On 
'************************************************
set WshShell = CreateObject("WScript.Shell")
WshShell.SendKeys "{NUMLOCK}" 
 
WScript.Quit

Open in new window

LVL 20
LazarusAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
SteveH_UKConnect With a Mentor Commented:
Try running the command:

net user /domain

at a command prompt.  If you can see the information about the users groups, you may have more success using the WinNT provider rather than using LDAP with ADSI.  See:

http://msdn2.microsoft.com/en-us/library/aa772316.aspx

I'm surprised that you are not actually receiving a "you do not have permissions" type of error.
0
 
from_expCommented:
do users have permissions to access this file?
0
 
SteveH_UKCommented:
Can I recommend that you put some debugging info into the script, also break it down into sections to test.  If you save this reduced script in the NETLOGON folder, you will be able to access it from any client.

Then, as a low-privilege user, start Command Prompt and use CSCRIPT to run the script.  Remove the "On Error Resume Next" so that you get error messages, but wrap sections that might legitimately cause errors in "On Error Resume Next"/"On Error Goto 0" pairs so that those continue successfully.

It may be your Active Directory query that is the problem, but let's focus the issue rather than trying to answer hypothetical possibilities.
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
LazarusAuthor Commented:
The users are able to run the script from the NETLOGON folder yes, and the script runs thru, but does not run the 'MAP DRIVES & PRINTERS BASED ON GROUP MEMBERSHIP section. Everything else works for non Enterprise Admins
0
 
SteveH_UKCommented:
Try augmenting the script with some debug info, such as:
  WScript.Echo "Group: "  & strGroupName & vbCrLf

Find out exactly what isn't working, and using this method you'll find out why.
0
 
LazarusAuthor Commented:
With "On Error Resume Next" removed I get an error at line 70 character 1, object not a collection.

Will try the "WScript.Echo "Group: "  & strGroupName & vbCrLf" next
0
 
LazarusAuthor Commented:
Where should I place that snippet of code?
0
 
SteveH_UKCommented:
Sounds like the group membership of the requested user is not accessible.

You may also want to check the permissions in Active Directory.  Do your users have access to enumerate group memberships?
0
 
LazarusAuthor Commented:
I placed your code in there and it comes up with Group: "BLANK"
How do I check to figure out the membership enumeration?
Thats something I've never had to deal with, but I learn...
0
 
LazarusAuthor Commented:
Or better yet, how do I grant it for the script only?
0
 
SteveH_UKCommented:
The code can go on any line.  Most things can be written as strings, so just change strGroupName and the prefix to whatever is useful.

I recommend that you put a whole bunch of these, with different number prefixes, so you can see exactly where your code goes for the user.

If you put them before the line causing the error, you can see what the script can see, by showing the user's details or anything else.

Perhaps also check that the GetObject line has returned an object.
0
 
SteveH_UKCommented:
I'm assuming you don't have a group called BLANK?!  Actually, I know some reasons why such groups DO exist!  Let me know.

Next question is whether the user is a member of any groups.  If the MemberOf property is not a legitimate collection, then the For Each will fail.  Since this is an exceptional case, it may make sense to wrap an On Error pairing around the for each, that way the script will continue after the For Each block in the error case.
0
 
LazarusAuthor Commented:
I'm a bit weak in VBS scripting.

Putting the code "WScript.Echo "Object: "  & strGroupPath & vbCrLf" gives me back LDAP://

Another other help? I seem a bit lost (A LOT LOST)
0
 
LazarusAuthor Commented:
Yes, the user is a member of "Faculty" and a Domain User. The BLANK was just that nothing, like you thought.
0
 
SteveH_UKCommented:
Try adjusting it with an If Then block as follows.  Remember to terminate the block.
For Each strGroup in objUser.MemberOf
    strGroupPath = "" & strGroup ' this forces strGroup to a string
    If strGroupPath <> "" Then
       strGroupPath = "LDAP://" & strGroup
       Set objGroup = GetObject(strGroupPath)
       strGroupName = objGroup.CN
 
    ...
 
    End If

Open in new window

0
 
LazarusAuthor Commented:
OK, after doing that I still get the same thing, so perhaps it's an enumeration problem?
0
 
LazarusAuthor Commented:
So how do I allow the script to enumerate the Users Group properly?
0
 
SteveH_UKCommented:
You can use the following code to see an error, after any statement:

If Err.Number <> 0 Then
      WScript.Echo Err.Description
end if

I don't think "memberOf" is being retrieved correctly.  Am not currently sure why.  Will investigate when I have time.
0
 
SteveH_UKCommented:
Try the following:
http://msdn2.microsoft.com/en-us/library/aa746340.aspx

Use the objUser.Groups item

I can't test this as I'm not a member of any groups.  Note that it does not appear to return membership of the primary group, but I've seen this behaviour documented elsewhere and I don't think it'll affect your needs.
For Each objGroup in objUser.Groups
   WScript.Echo objGroup.Name
Next

Open in new window

0
 
LazarusAuthor Commented:
I'll look into this over the weekend and get back to you.
0
 
LazarusAuthor Commented:
Nope that didn't do anything either. It's simply coming down to a security issue with polices that will not let non admins enumerate a group. So I'll either have to fix that or try another way of scripting this. Thanks for trying though.
0
 
LazarusAuthor Commented:
I was able to figure out a way around everything by using a different method to pull the groups. I'll attach the code snippet
Option Explicit ' Force explicit declarations
Dim WSHNetwork
Dim FSO
Dim strUserName ' Current user
Dim strUserDomain ' Current User's domain name
Dim ObjGroupDict ' Dictionary of groups to which the user belongs
Dim WshShell
 
Set WSHNetwork = WScript.CreateObject("WScript.Network")
Set FSO = CreateObject("Scripting.FileSystemObject")
set wshShell = CreateObject("Wscript.Shell")
 
strUserName = ""
While strUserName = ""
strUserName = WSHNetwork.UserName
Wend
strUserDomain = WSHNetwork.UserDomain
 
Set ObjGroupDict = CreateMemberOfObject(strUserDomain, strUserName)
If MemberOf(ObjGroupDict, "ITTECH") Then
WshNetwork.MapNetworkDrive "N:", "\\SVR1\INSTALLS"
 
ElseIf MemberOf(ObjGroupDict, "STAFF") Then
WshNetwork.MapNetworkDrive "N:", "\\SVR1\SHARES"
 
Else 
'Nothing
End If
 
Function MemberOf(ObjDict, strKey)
MemberOf = CBool(ObjGroupDict.Exists(strKey))
 
End Function
 
Function CreateMemberOfObject(strDomain, strUserName)
 
Dim objUser, objGroup
 
Set CreateMemberOfObject = CreateObject("Scripting.Dictionary")
CreateMemberOfObject.CompareMode = vbTextCompare
Set objUser = GetObject("WinNT://" _
& strDomain & "/" _
& strUserName & ",user")
For Each objGroup In objUser.Groups
CreateMemberOfObject.Add objGroup.Name, "-"
Next
Set objUser = Nothing
 
End Function

Open in new window

0
 
LazarusAuthor Commented:
Wish I could have made the code simpler, But I'm not all that with coding VB Scripts.
Perhaps someone has an idea on how to tighten that code?

But at least I have it working now.
0
 
SteveH_UKCommented:
So looks like you used the WinNT provider as I suggested, then.
0
 
LazarusAuthor Commented:
Well, yeah it sort looks that way. But I had to dig pretty hard to get this code to work for sure...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.