Solved

vbscript help on logon script

Posted on 2009-06-29
6
1,423 Views
Last Modified: 2012-05-07
Experts, please help!

I know what I am trying to do should be easy - it's a pretty simple script really -  but I am new to scripting and I have googled a ton but I just can't seem to find what I need.

Here's the problem. I have an old batch file that we've been using for login scripts. It works for users internal, but we have a lot of users that come in through Citrix and for some reason it doesn't always work for them (occasionally it will, but we haven't been able to find a pattern). After logging in, if they run it manually it will work. This part I don't get - why does it work manually?

The first part of the script (printer and drive mappings) works. The part we are having trouble with (with those citrix users) is the "setx" (for setting an environment variable). It seems that the "ifmember" does not work when setting environment variables. The reason I say this is because we are trying to set a specific environment variable for users with certain group membership. Then if you are not a member of one of those groups you should get the generic variable. Well the generic variable works (the one that does not have an "ifmember") - everyone gets the generic variable without issue. Its just that a lot of times users don't get their "group-specific" variable.

We have obtained the latest "ifmember" and "setx". The script is currently applied to all users in the default domain GPO. Anyway, I've decided I want to rewrite the script in VBS.

The script only needs to perform 3 functions...replace a file, map drives, (both of those first 2 are working at this point) and set an environment variable based on group membership. Like I said - I know it should be simple, but I'm just missing something.

Below is the old code (CMD file). Can anyone help me with the VBS?

All help is greatly appreciated!!
OLD BATCH FILE - NEW VB FILE LOWER
 

@echo off

net use g: /home

net use h: /delete

net use h: \\FILESERVER5\dept /persistent:no

net use i: /delete

net use j: /delete

net use k: /delete

net use l: /delete

net use n: /delete

net use o: /delete

net use p: /delete

net use s: /delete

net use t: /delete
 

:print

rem This will remove all networked printers

if exist %HOMEDRIVE%\prfixdone.txt goto FlashSales

con2prt /f

copy h:\sapgui\prfixdone.txt %HOMEDRIVE%\prfixdone.txt
 

:FlashSales

ifmember "DOMAIN\Finance"

if not errorlevel 1 goto Scanner

net use i: \\FILESERVER1\finance /persistent:no

net use p: \\FILESERVER2\fasserv /persistent:no
 

:Scanner

ifmember "DOMAIN\DOMAIN Scanner"

if not errorlevel 1 goto ScannerSFH

net use j: \\FILESERVER3\file_share /persistent:no
 

:ScannerSFH

ifmember "DOMAIN\R13"

if not errorlevel 1 goto mktg

net use j: \\FILESERVER3\file_share /persistent:no
 

:mktg

rem if %windir%==M:\WINDOWS goto admin

ifmember "DOMAIN\HeliosPCusers"

if not errorlevel 1 goto admin

net use k: \\FILESERVER4\marketing /user:%username% password /persistent:no
 

:admin

ifmember "DOMAIN\Technology"

if not errorlevel 1 goto OnDemandDev

net use s: \\FILESERVER5\install$ /persistent:no

net use n: \\FILESERVER5\Minime /persistent:no
 

:OnDemandDev

ifmember "DOMAIN\OnDemandDev"

if not errorlevel 1 goto Kronos

net use l: \\FILESERVER6\content /persistent:no
 

:Kronos

ifmember "DOMAIN\Human Resources"

if not errorlevel 1 goto BSTL

net use k: \\FILESERVER7\Connect /persistent:no
 

:BSTL

ifmember "DOMAIN\BSTL"

if not errorlevel 1 goto SAPFull

net use O: \\FILESERVER5\BSTL$ /persistent:no
 

rem This part of the batch file sets the user environment variable for

rem the SAP GUI logon in file, saplogon.ini

rem It tests for AD group membership

rem
 

:SAPFull

ifmember.exe "DOMAIN\SAPGUIFull"

if not errorlevel 1 goto BWFull

setx SAPLOGON_INI_FILE "h:\sapgui\full\saplogon.ini"

goto All
 

:BWFull

ifmember "DOMAIN\SAPGUIBWFull"

if not errorlevel 1 goto BW

setx SAPLOGON_INI_FILE "h:\sapgui\bwfull\saplogon.ini"

goto All
 
 

:BW

ifmember.exe "DOMAIN\SAPGUIBW"

if not errorlevel 1 goto Dev

setx.exe SAPLOGON_INI_FILE "h:\sapgui\bw\saplogon.ini"

goto end
 

:Dev

ifmember "DOMAIN\SAPGUIDev"

if not errorlevel 1 goto DOMAIN

setx SAPLOGON_INI_FILE "h:\sapgui\dev\saplogon.ini"

goto end
 

:DOMAIN

ifmember "DOMAIN\SAPGUIDOMAIN"

if not errorlevel 1 goto All

setx SAPLOGON_INI_FILE "h:\sapgui\DOMAIN\saplogon.ini"

goto end
 

:All
 

rem Training

setx SAPLOGON_INI_FILE "h:\sapgui\all\saplogon.ini"
 
 

:end

Open in new window

0
Comment
Question by:wallakyl
  • 3
  • 3
6 Comments
 
LVL 4

Accepted Solution

by:
Enigma2001 earned 500 total points
ID: 24742549
I'm not really clear on your requirements but I'll give it a crack anyway.

Here is a script that should get you started though. I've added clearing drives, mapping new ones, and launching commands. Just let us know if you need anything else. There is also no error handling or anything in here and it may need some tweaking

This isn't how our login script works but it's got the same basic layout as your current one. I would consider updating it to make it more fail proof.

To map printers use:
oNetwork.AddWindowsPrinterConnection "PrinterLocation eg \\server\hp-printer"

To set mapped printer as default:
oNetwork.SetDefaultPrinter "PrinterPath"

Hope this helps


' =========== Start Of Script

Option Explicit
'On Error Resume Next

DIM oShell, oNetwork, oPrinters, oDrives
DIM ADSysInfo, CurrentUser, LogServer
DIM UsrGrp, i
Dim strDriveLetter, strDrivePath



' =======================================================         Pull in logged on Users Info

  Set oShell = CreateObject("WScript.Shell")
  LogServer = oShell.ExpandEnvironmentStrings("%logonserver%")
  Set ADSysInfo = CreateObject("ADSystemInfo")
  Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)  


' =======================================================         Delete All Printers & Network Drives bar the H: Drive

  Set oNetwork = CreateObject("WScript.Network")            
  Set oPrinters = oNetwork.EnumPrinterConnections

' === Printers

  For i = 0 to oPrinters.Count - 1 Step 2
    If Left(ucase(oPrinters.Item(i+1)),2) = "\\" Then
      oNetwork.RemovePrinterConnection oPrinters.Item(i+1)
    End IF
  Next

' === Drives

  Set oDrives = oNetwork.EnumNetworkDrives
  For i = 0 to oDrives.Count - 1 Step 2
    If oDrives(i) <> "H:" Then
      oNetwork.RemoveNetworkDrive oDrives(i), True, True
    End IF
  Next


' =======================================================        Select Based on Group Membership


  For Each UsrGrp In CurrentUser.Groups
 
    Select Case uCase(right(Usrgrp.Name,Len(UsrGrp.Name) - 3))
   
    Case "FINANCE"
      MapDrive "i:", "\\FILESERVER1\finance"
      MapDrive "p:", "\\FILESERVER2\fasserv"

    Case "DOMAIN SCANNER"
      MapDrive "j:", "\\FILESERVER3\file_share"

    Case "R13"
      MapDrive "j:", "\\FILESERVER3\file_share"

    Case "HELIOSPCUSERS"
      MapDrive "k:", "\\FILESERVER4\marketing"

    Case "TECHNOLOGY"
      MapDrive "s:", "\\FILESERVER5\install$"
      MapDrive "n:", "\\FILESERVER5\Minime"

    Case "ONDEMANDDEV"
      MapDrive "l:", "\\FILESERVER6\content"

    Case "HUMAN RESOURCES"
      MapDrive "k:", "\\FILESERVER7\Connect"

    Case "BSTL"
      MapDrive "O:", "\\FILESERVER5\BSTL$"

    Case "SAPGUIFULL"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\full\saplogon.ini""", 6, True

    Case "SAPGUIBWFULL"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\bwfull\saplogon.ini""", 6, True

    Case "SAPGUIBW"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\bw\saplogon.ini""", 6, True
   
    Case "SAPGUIDEV"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\dev\saplogon.ini""", 6, True

    Case "SAPGUIDOMAIN"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\DOMAIN\saplogon.ini""", 6, True

    End Select
  Next

  oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\all\saplogon.ini""", 6, True  


Sub MapDrive(strDriveLetter, strDrivePath)
  oNetwork.MapNetworkDrive strDriveLetter, strDrivePath
End Sub


0
 

Author Comment

by:wallakyl
ID: 24745171
Enigma2001,

This is awesome, thanks so much!

The only thing I would like to change is to separate the drive mappings from the environment variables. The reason is that I want to move the last "setx" into the Select statements with a "Case Else" for the remaining users who were not a member of any of the SAP groups. I can't add it now though, because they may be a member of one of the mapped drives groups and then wouldn't get it (I think).

How can I split those out?

Thanks again!!
Case "SAPGUIDOMAIN"

      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\DOMAIN\saplogon.ini""", 6, True
 

Case Else

      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\all\saplogon.ini""", 6, True  
 

    End Select

  Next

Open in new window

0
 

Author Comment

by:wallakyl
ID: 24749894
OK, I am really close I think. I have created two SELECT CASE sections in order to separate out the map drives and 'setx' commands. And that is all working!

The only problem is that for the 'setx' I need it to set it to a specific .ini file if the user matches a particular group - but if they do not match any of those groups I need it to set a generic .ini file.

I figured I could do this with the CASE ELSE but it is not working the way I intended. If I don't have the CASE ELSE at the end, the users that are in the groups receive the correct .ini. But if I add the CASE ELSE (in order to capture the generic users) it maps EVERYONE to the generic .ini. So I think they are getting the group-specific .ini first, then when it gets to the CASE ELSE it is overwritten by that statement and they receive the generic .ini. How do I stop their group-specific .ini from being overwritten when they get to the CASE ELSE statement?

How do I say, "If your group membership matched one of the CASE statements, skip the CASE ELSE statement" or "skip to the end" or something like that?

I'll attach what I'm using so far...
  For Each UsrGrp In CurrentUser.Groups

 

    Select Case uCase(right(Usrgrp.Name,Len(UsrGrp.Name) - 3))
 

    Case "SAPGUIFULL"

      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\full\saplogon.ini""", 6, True
 

    Case "SAPGUIBWFULL"

      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\bwfull\saplogon.ini""", 6, True
 

    Case "SAPGUIBW"

      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\bw\saplogon.ini""", 6, True

   

    Case "SAPGUIDEV"

      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\dev\saplogon.ini""", 6, True
 

    Case "SAPGUIDOMAIN"

      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\DOMAIN\saplogon.ini""", 6, True

      

    Case Else

      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\all\saplogon.ini""", 6, True

      

    End Select

  Next  

  

  WScript.Quit

Open in new window

0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 4

Assisted Solution

by:Enigma2001
Enigma2001 earned 500 total points
ID: 24750303
It may be easier just to set the default and then run the select statement without a case else, that way it only get over written if you are part of a group. eg

Set Default INI
Select Case
  Case A
    Set INI 1
 Case B
   Set INI 2
End Select

That's the problem with using select case and the like for creating login scripts. Essentially it works but if anyone is part of two groups that contradict each other then you are in a bit of a pickle.

If you ever want to rewrite the entire login script just give us a hoy.
0
 

Author Comment

by:wallakyl
ID: 24759199
Works great, thanks again!
0
 
LVL 4

Expert Comment

by:Enigma2001
ID: 24760646
No worries mate,

Have a good one, and thanks for the points.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

I have published numerous articles here at Experts Exchange that present programs/scripts written in a language called AutoHotkey. Each of those articles has a brief paragraph describing where to download the product and how to install it. I have al…
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now