vbscript help on logon script

Experts, please help!

I know what I am trying to do should be easy - it's a pretty simple script really -  but I am new to scripting and I have googled a ton but I just can't seem to find what I need.

Here's the problem. I have an old batch file that we've been using for login scripts. It works for users internal, but we have a lot of users that come in through Citrix and for some reason it doesn't always work for them (occasionally it will, but we haven't been able to find a pattern). After logging in, if they run it manually it will work. This part I don't get - why does it work manually?

The first part of the script (printer and drive mappings) works. The part we are having trouble with (with those citrix users) is the "setx" (for setting an environment variable). It seems that the "ifmember" does not work when setting environment variables. The reason I say this is because we are trying to set a specific environment variable for users with certain group membership. Then if you are not a member of one of those groups you should get the generic variable. Well the generic variable works (the one that does not have an "ifmember") - everyone gets the generic variable without issue. Its just that a lot of times users don't get their "group-specific" variable.

We have obtained the latest "ifmember" and "setx". The script is currently applied to all users in the default domain GPO. Anyway, I've decided I want to rewrite the script in VBS.

The script only needs to perform 3 functions...replace a file, map drives, (both of those first 2 are working at this point) and set an environment variable based on group membership. Like I said - I know it should be simple, but I'm just missing something.

Below is the old code (CMD file). Can anyone help me with the VBS?

All help is greatly appreciated!!
OLD BATCH FILE - NEW VB FILE LOWER
 
@echo off
net use g: /home
net use h: /delete
net use h: \\FILESERVER5\dept /persistent:no
net use i: /delete
net use j: /delete
net use k: /delete
net use l: /delete
net use n: /delete
net use o: /delete
net use p: /delete
net use s: /delete
net use t: /delete
 
:print
rem This will remove all networked printers
if exist %HOMEDRIVE%\prfixdone.txt goto FlashSales
con2prt /f
copy h:\sapgui\prfixdone.txt %HOMEDRIVE%\prfixdone.txt
 
:FlashSales
ifmember "DOMAIN\Finance"
if not errorlevel 1 goto Scanner
net use i: \\FILESERVER1\finance /persistent:no
net use p: \\FILESERVER2\fasserv /persistent:no
 
:Scanner
ifmember "DOMAIN\DOMAIN Scanner"
if not errorlevel 1 goto ScannerSFH
net use j: \\FILESERVER3\file_share /persistent:no
 
:ScannerSFH
ifmember "DOMAIN\R13"
if not errorlevel 1 goto mktg
net use j: \\FILESERVER3\file_share /persistent:no
 
:mktg
rem if %windir%==M:\WINDOWS goto admin
ifmember "DOMAIN\HeliosPCusers"
if not errorlevel 1 goto admin
net use k: \\FILESERVER4\marketing /user:%username% password /persistent:no
 
:admin
ifmember "DOMAIN\Technology"
if not errorlevel 1 goto OnDemandDev
net use s: \\FILESERVER5\install$ /persistent:no
net use n: \\FILESERVER5\Minime /persistent:no
 
:OnDemandDev
ifmember "DOMAIN\OnDemandDev"
if not errorlevel 1 goto Kronos
net use l: \\FILESERVER6\content /persistent:no
 
:Kronos
ifmember "DOMAIN\Human Resources"
if not errorlevel 1 goto BSTL
net use k: \\FILESERVER7\Connect /persistent:no
 
:BSTL
ifmember "DOMAIN\BSTL"
if not errorlevel 1 goto SAPFull
net use O: \\FILESERVER5\BSTL$ /persistent:no
 
rem This part of the batch file sets the user environment variable for
rem the SAP GUI logon in file, saplogon.ini
rem It tests for AD group membership
rem
 
:SAPFull
ifmember.exe "DOMAIN\SAPGUIFull"
if not errorlevel 1 goto BWFull
setx SAPLOGON_INI_FILE "h:\sapgui\full\saplogon.ini"
goto All
 
:BWFull
ifmember "DOMAIN\SAPGUIBWFull"
if not errorlevel 1 goto BW
setx SAPLOGON_INI_FILE "h:\sapgui\bwfull\saplogon.ini"
goto All
 
 
:BW
ifmember.exe "DOMAIN\SAPGUIBW"
if not errorlevel 1 goto Dev
setx.exe SAPLOGON_INI_FILE "h:\sapgui\bw\saplogon.ini"
goto end
 
:Dev
ifmember "DOMAIN\SAPGUIDev"
if not errorlevel 1 goto DOMAIN
setx SAPLOGON_INI_FILE "h:\sapgui\dev\saplogon.ini"
goto end
 
:DOMAIN
ifmember "DOMAIN\SAPGUIDOMAIN"
if not errorlevel 1 goto All
setx SAPLOGON_INI_FILE "h:\sapgui\DOMAIN\saplogon.ini"
goto end
 
:All
 
rem Training
setx SAPLOGON_INI_FILE "h:\sapgui\all\saplogon.ini"
 
 
:end

Open in new window

wallakylAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Enigma2001Commented:
I'm not really clear on your requirements but I'll give it a crack anyway.

Here is a script that should get you started though. I've added clearing drives, mapping new ones, and launching commands. Just let us know if you need anything else. There is also no error handling or anything in here and it may need some tweaking

This isn't how our login script works but it's got the same basic layout as your current one. I would consider updating it to make it more fail proof.

To map printers use:
oNetwork.AddWindowsPrinterConnection "PrinterLocation eg \\server\hp-printer"

To set mapped printer as default:
oNetwork.SetDefaultPrinter "PrinterPath"

Hope this helps


' =========== Start Of Script

Option Explicit
'On Error Resume Next

DIM oShell, oNetwork, oPrinters, oDrives
DIM ADSysInfo, CurrentUser, LogServer
DIM UsrGrp, i
Dim strDriveLetter, strDrivePath



' =======================================================         Pull in logged on Users Info

  Set oShell = CreateObject("WScript.Shell")
  LogServer = oShell.ExpandEnvironmentStrings("%logonserver%")
  Set ADSysInfo = CreateObject("ADSystemInfo")
  Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)  


' =======================================================         Delete All Printers & Network Drives bar the H: Drive

  Set oNetwork = CreateObject("WScript.Network")            
  Set oPrinters = oNetwork.EnumPrinterConnections

' === Printers

  For i = 0 to oPrinters.Count - 1 Step 2
    If Left(ucase(oPrinters.Item(i+1)),2) = "\\" Then
      oNetwork.RemovePrinterConnection oPrinters.Item(i+1)
    End IF
  Next

' === Drives

  Set oDrives = oNetwork.EnumNetworkDrives
  For i = 0 to oDrives.Count - 1 Step 2
    If oDrives(i) <> "H:" Then
      oNetwork.RemoveNetworkDrive oDrives(i), True, True
    End IF
  Next


' =======================================================        Select Based on Group Membership


  For Each UsrGrp In CurrentUser.Groups
 
    Select Case uCase(right(Usrgrp.Name,Len(UsrGrp.Name) - 3))
   
    Case "FINANCE"
      MapDrive "i:", "\\FILESERVER1\finance"
      MapDrive "p:", "\\FILESERVER2\fasserv"

    Case "DOMAIN SCANNER"
      MapDrive "j:", "\\FILESERVER3\file_share"

    Case "R13"
      MapDrive "j:", "\\FILESERVER3\file_share"

    Case "HELIOSPCUSERS"
      MapDrive "k:", "\\FILESERVER4\marketing"

    Case "TECHNOLOGY"
      MapDrive "s:", "\\FILESERVER5\install$"
      MapDrive "n:", "\\FILESERVER5\Minime"

    Case "ONDEMANDDEV"
      MapDrive "l:", "\\FILESERVER6\content"

    Case "HUMAN RESOURCES"
      MapDrive "k:", "\\FILESERVER7\Connect"

    Case "BSTL"
      MapDrive "O:", "\\FILESERVER5\BSTL$"

    Case "SAPGUIFULL"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\full\saplogon.ini""", 6, True

    Case "SAPGUIBWFULL"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\bwfull\saplogon.ini""", 6, True

    Case "SAPGUIBW"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\bw\saplogon.ini""", 6, True
   
    Case "SAPGUIDEV"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\dev\saplogon.ini""", 6, True

    Case "SAPGUIDOMAIN"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\DOMAIN\saplogon.ini""", 6, True

    End Select
  Next

  oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\all\saplogon.ini""", 6, True  


Sub MapDrive(strDriveLetter, strDrivePath)
  oNetwork.MapNetworkDrive strDriveLetter, strDrivePath
End Sub


0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wallakylAuthor Commented:
Enigma2001,

This is awesome, thanks so much!

The only thing I would like to change is to separate the drive mappings from the environment variables. The reason is that I want to move the last "setx" into the Select statements with a "Case Else" for the remaining users who were not a member of any of the SAP groups. I can't add it now though, because they may be a member of one of the mapped drives groups and then wouldn't get it (I think).

How can I split those out?

Thanks again!!
Case "SAPGUIDOMAIN"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\DOMAIN\saplogon.ini""", 6, True
 
Case Else
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\all\saplogon.ini""", 6, True  
 
    End Select
  Next

Open in new window

0
wallakylAuthor Commented:
OK, I am really close I think. I have created two SELECT CASE sections in order to separate out the map drives and 'setx' commands. And that is all working!

The only problem is that for the 'setx' I need it to set it to a specific .ini file if the user matches a particular group - but if they do not match any of those groups I need it to set a generic .ini file.

I figured I could do this with the CASE ELSE but it is not working the way I intended. If I don't have the CASE ELSE at the end, the users that are in the groups receive the correct .ini. But if I add the CASE ELSE (in order to capture the generic users) it maps EVERYONE to the generic .ini. So I think they are getting the group-specific .ini first, then when it gets to the CASE ELSE it is overwritten by that statement and they receive the generic .ini. How do I stop their group-specific .ini from being overwritten when they get to the CASE ELSE statement?

How do I say, "If your group membership matched one of the CASE statements, skip the CASE ELSE statement" or "skip to the end" or something like that?

I'll attach what I'm using so far...
  For Each UsrGrp In CurrentUser.Groups
 
    Select Case uCase(right(Usrgrp.Name,Len(UsrGrp.Name) - 3))
 
    Case "SAPGUIFULL"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\full\saplogon.ini""", 6, True
 
    Case "SAPGUIBWFULL"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\bwfull\saplogon.ini""", 6, True
 
    Case "SAPGUIBW"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\bw\saplogon.ini""", 6, True
   
    Case "SAPGUIDEV"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\dev\saplogon.ini""", 6, True
 
    Case "SAPGUIDOMAIN"
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\DOMAIN\saplogon.ini""", 6, True
      
    Case Else
      oshell.run "setx SAPLOGON_INI_FILE ""h:\sapgui\all\saplogon.ini""", 6, True
      
    End Select
  Next  
  
  WScript.Quit

Open in new window

0
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

Enigma2001Commented:
It may be easier just to set the default and then run the select statement without a case else, that way it only get over written if you are part of a group. eg

Set Default INI
Select Case
  Case A
    Set INI 1
 Case B
   Set INI 2
End Select

That's the problem with using select case and the like for creating login scripts. Essentially it works but if anyone is part of two groups that contradict each other then you are in a bit of a pickle.

If you ever want to rewrite the entire login script just give us a hoy.
0
wallakylAuthor Commented:
Works great, thanks again!
0
Enigma2001Commented:
No worries mate,

Have a good one, and thanks for the points.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Scripting Languages

From novice to tech pro — start learning today.