Link to home
Start Free TrialLog in
Avatar of DorisOnline
DorisOnline

asked on

ifmember no longer working in new logon script

Using Server 2003 Active Directory with XP clients;
We have a logon script (logon.bat) that works fine using ifmember to map network drives based on group membership.
I created another logon script using the same syntax (see code snippet) and in stead of executing the commands based on group membership, it executes all command for all groups.
So when a user logs on, the script behaves as if the user is member of all groups.
As far as I can see this can only be because in my new script, ifmember is not recognised as a valid function and errorlevel equals 1, so all commands execute.
I tested the same script locally after logon by copying our ifmember.exe from \\OURSERVER\NETLOGON into a local folder and running the script from that same folder; the script works fine.

The original script was created years ago and since then, we have had all our domain controllers replaced and renamed, although they all have ifmember.exe in the \\SERVER\NETLOGON share.
I even copied the original script to a different gpo and the same problem appears; the copy of the script behaves as if the ifmember.exe function cannot be found.

Any idea why the old script would work and the new one does not?
@echo off
 
:group1
ifmember firstgroup
if not errorlevel 1 goto group2
firstgroup.vbs
 
:group2
ifmember secondgroup
if not errorlevel 1 goto group3
secondgroup.vbs
 
:group3
ifmember thirdgroup
if not errorlevel 1 goto end
thirdgroup.vbs
 
:end
exit

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of oBdA
oBdA

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of DorisOnline
DorisOnline

ASKER

Both the original working one and the new one are run through a GPO and are physically located in the GPO folder.
The netlogon folder had neither.
I put the new one in the netlogon folder like you advised and the new script worked perfectly.
I also figured out now why the original script runs ok; ifmember.exe was copied into its GPO folder so wasn't using the netlogon anyway. I thought a script checks the netlogon folder if it can't find ifmember in the current directory, but apparently not..
I think I will copy ifmember.exe into the new script's GPO folder as well and use my original script since it seems tidier to use separate GPO folders rather put everything in netlogon.
Thanks for the solution!
spot on, thanks for the quick help