?
Solved

Login Script

Posted on 2008-06-25
17
Medium Priority
?
619 Views
Last Modified: 2010-07-27
I have an Active directory login script that runs on all users.  I would like to put at the begining of the script, if the computer name is XXXXX, then dont run the script.  I would like to use a list of computer names.  How can I do this?
0
Comment
Question by:Americare
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 4
  • +1
17 Comments
 
LVL 2

Accepted Solution

by:
HengTime earned 1500 total points
ID: 21866361
try something like this

IF %COMPUTERNAME% == "SomeComputerName" Then....

%COMPUTERNAME% gives you the name of the computer the script is running on
0
 
LVL 2

Expert Comment

by:HengTime
ID: 21866645
you could put the computer names you want to exclude in a txt file on a server like this:

Name1
Name2
Name3

and then use

findstr /X "ComputerName" "ExcludedComputers.txt"
IF ERRORLEVEL 1
<The code you want to exectue if the computer name is not found"
0
 
LVL 3

Expert Comment

by:blimster
ID: 21866681
Set DoScript=True
FOR /F "tokens=1" %%I IN (a.txt) DO IF %%I==%COMPUTERNAME% SetDoScript=False

If %DoScript%==False GOTO :EOF

:MAIN

pause

:EOF
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:Americare
ID: 21867305
Hengtime:
If I do this:
IF %COMPUTERNAME% == "SomeComputerName"  GOTO NOINSTALL
:INSTALL

And at the end of the file I put

:NOINSTALL

Will that work?
0
 

Author Comment

by:Americare
ID: 21867326
Blimster:
Will that work in a batch file?  Can I put that at the beinging of the script?
a.txt?  IS that the list of computer names I want to exclude?  Where do I put that file?
0
 
LVL 3

Expert Comment

by:blimster
ID: 21871979
yess that is a batch .bat or .cmd will do


yes just put it at the start of the script and have you main script under the :MAIN label

i've put the pause in there just for light testing, so remove it when you add it.

the a.txt can be any text based file that holds whe workstations names.

ie

pc1
pc2
pc3


NOTE(BIG NOTE):
the path to a.txt must not have anyspaces, you cannot substitue this for environment varibles and you cannot put double quotes around it as the for statement interperates them differently.

0
 
LVL 3

Expert Comment

by:blimster
ID: 21872052
Here's a VBScript version if your into that. (Better imo)

similar to the batch but should handel spaces better then the batch

same as before a.txt holds the list

the last like will run your batch script if a workstation isn't in the list.
just replace login.bat with a full path to your script. It should take environment variables here.

so just make the vbs your login script and replace login.bat with the full path to your current login script
and replace a.txt with the full path to your exclusion list i


Option Explicit
On Error Resume Next 
 
Const ForReading = 1
 
Dim objShell, objFSO, objNetwork, objFIle
 
Set objShell = CreateObject("WScript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject") 
Set objNetwork = CreateObject("WScript.Network")
 
Dim index, wks, strList
Dim arrWks()
 
strList = "a.txt" 'replace with your list
Set objFile = objFSO.OpenTextFile(strList, ForReading)
 
index = 0
Do Until objFile.AtEndOfStream
	ReDim Preserve arrWks(index)
	arrWks(index) = objFile.ReadLine
	index = index + 1
Loop
objFile.Close
 
For Each wks In arrWks
	If objNetwork.Computername = wks then WScript.quit
Next
 
objShell.Run "cmd.exe /k" & "Login.bat" 'run DOS commands

Open in new window

0
 
LVL 3

Expert Comment

by:blimster
ID: 21872058
you can comment out like to for trouble shooting.

but yeah much more flexible then the batch
0
 
LVL 2

Expert Comment

by:HengTime
ID: 21873413
IF %COMPUTERNAME% == "SomeComputerName"  GOTO NOINSTALL
:INSTALL

And at the end of the file I put

:NOINSTALL

That would work!
0
 

Author Comment

by:Americare
ID: 21874956
Neither one of these solutions are working effectivley.  Is there a way using IF Member and an active directory group?
0
 
LVL 2

Expert Comment

by:HengTime
ID: 21879427
you mean it isnt working at all?

what OS is running on the computers?
0
 
LVL 14

Expert Comment

by:canali
ID: 21879759
Create a file excludedPC.txt and put it in the same folder of your batch
::excludedPC.txt saple file
pc1
pc2
pc3
myPC

then modify your batch
@echo off
setlocal
findstr /x /i "%computername%" %0\..\excludedPC.txt && goto :NoInstall
:: start of your batch

:: end of your batch
:NoInstall
0
 
LVL 3

Expert Comment

by:blimster
ID: 21880474
Don't see how the VBS script doesn't work. What do you mean by "effectiveley"?


You can find if the user is part of  an OU with this VBS

Difference between this and the previous VBS is that this check the OU rather then the list.
More manageable.

Still executes like the previous one (ie kicks off you current script "Login.bat" or what ever it is) if the user is not apart of the excluded OU

Echo statements are for light trouble shooting remove them when your happy.
On Error Resume Next
 
Dim wshNetwork, objConnection, objCommand, objRecordSet, objShell 
Dim strUser, strUserOU, strExcludeOU
 
Const ADS_SCOPE_SUBTREE = 2
 
Set wshNetwork = CreateObject("WScript.Network")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
Set objShell = CreateObject("WScript.Shell")
 
strUser = wshNetwork.Username
strUser = Trim(strUser)
 
strExcludeOU = "Script Off OU"
strExcludeOU = Trim(strExcludeOU)
 
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
 
objCommand.CommandText = _
    "SELECT distinguishedName FROM 'LDAP://dc=hic,dc=hicnet'WHERE objectCategory='user'AND sAMAccountName='" & strUser & "'"
Set objRecordSet = objCommand.Execute
 
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    Dim strDN, arrPath, intLength, intNameLength
    strDN = objRecordSet.Fields("distinguishedName").Value
    arrPath = Split(strDN, ",")
    intLength = Len(arrPath(1))
    intNameLength = intLength - 3
    strUserOU = Right(arrPath(1), intNameLength)
    
    If strUserOU = strExcludeOU Then 
	    WScript.Echo (strUser & " is apart of " & strExcludeOU)
	    WScript.Quit
    End If
    
    objRecordSet.MoveNext
Loop
 
WScript.Echo (strUser & " is not apart of " & strExcludeOU)
objShell.Run "cmd.exe /k" & "Login.bat" 'run DOS commands

Open in new window

0
 
LVL 3

Expert Comment

by:blimster
ID: 21880486
Forgot to add.

Replace the dc=hic, dc=hicnet with your own dc.

(Duh!) but still...
0
 
LVL 3

Expert Comment

by:blimster
ID: 21880489
And strExcludeOU = "Script Off OU"
with whatever your group is..
0
 

Author Comment

by:Americare
ID: 21888826
ALL:

These are WYSE xpe thin client computers.  The users logging into them from the domain have an attached login script that needs to run for other machines they log into.  But on these particular machines, the login script needs to be blocked.  Do you see any other way to attack this problem?
0
 
LVL 14

Expert Comment

by:canali
ID: 21898150
Give us the output of this command  on Wyse tc
wmic computersystem get model
You can run it with w normal user ?
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question