Solved

Login Script

Posted on 2008-06-25
17
611 Views
Last Modified: 2010-07-27
I have an Active directory login script that runs on all users.  I would like to put at the begining of the script, if the computer name is XXXXX, then dont run the script.  I would like to use a list of computer names.  How can I do this?
0
Comment
Question by:Americare
  • 7
  • 4
  • 4
  • +1
17 Comments
 
LVL 2

Accepted Solution

by:
HengTime earned 500 total points
ID: 21866361
try something like this

IF %COMPUTERNAME% == "SomeComputerName" Then....

%COMPUTERNAME% gives you the name of the computer the script is running on
0
 
LVL 2

Expert Comment

by:HengTime
ID: 21866645
you could put the computer names you want to exclude in a txt file on a server like this:

Name1
Name2
Name3

and then use

findstr /X "ComputerName" "ExcludedComputers.txt"
IF ERRORLEVEL 1
<The code you want to exectue if the computer name is not found"
0
 
LVL 3

Expert Comment

by:blimster
ID: 21866681
Set DoScript=True
FOR /F "tokens=1" %%I IN (a.txt) DO IF %%I==%COMPUTERNAME% SetDoScript=False

If %DoScript%==False GOTO :EOF

:MAIN

pause

:EOF
0
 

Author Comment

by:Americare
ID: 21867305
Hengtime:
If I do this:
IF %COMPUTERNAME% == "SomeComputerName"  GOTO NOINSTALL
:INSTALL

And at the end of the file I put

:NOINSTALL

Will that work?
0
 

Author Comment

by:Americare
ID: 21867326
Blimster:
Will that work in a batch file?  Can I put that at the beinging of the script?
a.txt?  IS that the list of computer names I want to exclude?  Where do I put that file?
0
 
LVL 3

Expert Comment

by:blimster
ID: 21871979
yess that is a batch .bat or .cmd will do


yes just put it at the start of the script and have you main script under the :MAIN label

i've put the pause in there just for light testing, so remove it when you add it.

the a.txt can be any text based file that holds whe workstations names.

ie

pc1
pc2
pc3


NOTE(BIG NOTE):
the path to a.txt must not have anyspaces, you cannot substitue this for environment varibles and you cannot put double quotes around it as the for statement interperates them differently.

0
 
LVL 3

Expert Comment

by:blimster
ID: 21872052
Here's a VBScript version if your into that. (Better imo)

similar to the batch but should handel spaces better then the batch

same as before a.txt holds the list

the last like will run your batch script if a workstation isn't in the list.
just replace login.bat with a full path to your script. It should take environment variables here.

so just make the vbs your login script and replace login.bat with the full path to your current login script
and replace a.txt with the full path to your exclusion list i


Option Explicit

On Error Resume Next 
 

Const ForReading = 1
 

Dim objShell, objFSO, objNetwork, objFIle
 

Set objShell = CreateObject("WScript.Shell")

Set objFSO = CreateObject("Scripting.FileSystemObject") 

Set objNetwork = CreateObject("WScript.Network")
 

Dim index, wks, strList

Dim arrWks()
 

strList = "a.txt" 'replace with your list

Set objFile = objFSO.OpenTextFile(strList, ForReading)
 

index = 0

Do Until objFile.AtEndOfStream

	ReDim Preserve arrWks(index)

	arrWks(index) = objFile.ReadLine

	index = index + 1

Loop

objFile.Close
 

For Each wks In arrWks

	If objNetwork.Computername = wks then WScript.quit

Next
 

objShell.Run "cmd.exe /k" & "Login.bat" 'run DOS commands

Open in new window

0
 
LVL 3

Expert Comment

by:blimster
ID: 21872058
you can comment out like to for trouble shooting.

but yeah much more flexible then the batch
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 2

Expert Comment

by:HengTime
ID: 21873413
IF %COMPUTERNAME% == "SomeComputerName"  GOTO NOINSTALL
:INSTALL

And at the end of the file I put

:NOINSTALL

That would work!
0
 

Author Comment

by:Americare
ID: 21874956
Neither one of these solutions are working effectivley.  Is there a way using IF Member and an active directory group?
0
 
LVL 2

Expert Comment

by:HengTime
ID: 21879427
you mean it isnt working at all?

what OS is running on the computers?
0
 
LVL 14

Expert Comment

by:canali
ID: 21879759
Create a file excludedPC.txt and put it in the same folder of your batch
::excludedPC.txt saple file
pc1
pc2
pc3
myPC

then modify your batch
@echo off
setlocal
findstr /x /i "%computername%" %0\..\excludedPC.txt && goto :NoInstall
:: start of your batch

:: end of your batch
:NoInstall
0
 
LVL 3

Expert Comment

by:blimster
ID: 21880474
Don't see how the VBS script doesn't work. What do you mean by "effectiveley"?


You can find if the user is part of  an OU with this VBS

Difference between this and the previous VBS is that this check the OU rather then the list.
More manageable.

Still executes like the previous one (ie kicks off you current script "Login.bat" or what ever it is) if the user is not apart of the excluded OU

Echo statements are for light trouble shooting remove them when your happy.
On Error Resume Next
 

Dim wshNetwork, objConnection, objCommand, objRecordSet, objShell 

Dim strUser, strUserOU, strExcludeOU
 

Const ADS_SCOPE_SUBTREE = 2
 

Set wshNetwork = CreateObject("WScript.Network")

Set objConnection = CreateObject("ADODB.Connection")

Set objCommand =   CreateObject("ADODB.Command")

objConnection.Provider = "ADsDSOObject"

objConnection.Open "Active Directory Provider"

Set objCommand.ActiveConnection = objConnection

Set objShell = CreateObject("WScript.Shell")
 

strUser = wshNetwork.Username

strUser = Trim(strUser)
 

strExcludeOU = "Script Off OU"

strExcludeOU = Trim(strExcludeOU)
 

objCommand.Properties("Page Size") = 1000

objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
 

objCommand.CommandText = _

    "SELECT distinguishedName FROM 'LDAP://dc=hic,dc=hicnet'WHERE objectCategory='user'AND sAMAccountName='" & strUser & "'"

Set objRecordSet = objCommand.Execute
 

objRecordSet.MoveFirst

Do Until objRecordSet.EOF

    Dim strDN, arrPath, intLength, intNameLength

    strDN = objRecordSet.Fields("distinguishedName").Value

    arrPath = Split(strDN, ",")

    intLength = Len(arrPath(1))

    intNameLength = intLength - 3

    strUserOU = Right(arrPath(1), intNameLength)

    

    If strUserOU = strExcludeOU Then 

	    WScript.Echo (strUser & " is apart of " & strExcludeOU)

	    WScript.Quit

    End If

    

    objRecordSet.MoveNext

Loop
 

WScript.Echo (strUser & " is not apart of " & strExcludeOU)

objShell.Run "cmd.exe /k" & "Login.bat" 'run DOS commands

Open in new window

0
 
LVL 3

Expert Comment

by:blimster
ID: 21880486
Forgot to add.

Replace the dc=hic, dc=hicnet with your own dc.

(Duh!) but still...
0
 
LVL 3

Expert Comment

by:blimster
ID: 21880489
And strExcludeOU = "Script Off OU"
with whatever your group is..
0
 

Author Comment

by:Americare
ID: 21888826
ALL:

These are WYSE xpe thin client computers.  The users logging into them from the domain have an attached login script that needs to run for other machines they log into.  But on these particular machines, the login script needs to be blocked.  Do you see any other way to attack this problem?
0
 
LVL 14

Expert Comment

by:canali
ID: 21898150
Give us the output of this command  on Wyse tc
wmic computersystem get model
You can run it with w normal user ?
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now