I have a login script, which I have variously adapted and used before on Windows domains, in which the script maps a number of drives according to group membership. It reads the group memberships from an LDAP string and then operates a case statement on the contents of the string.
It works for me, as a Domain Admin, but for the ordinary users it skips through without "seeing" any of the groups. Presumably this is some kind of LDAP security problem. I'm quite sure that thhis has worked before and does work on other sites, but I can't see what is different here.
Code snippet below, any suggestions?
' VBScript source code
'Login script for Windows 2003 Server
'If test is 1 then debugging mode enabled
test = 0
if test = 1 then msgbox("Login Script Started")
on error RESUME NEXT
Set fs = CreateObject("Scripting.FileSystemObject")
Set objSysInfo = CreateObject("ADSystemInfo")
Set objNetwork = WScript.CreateObject("WScript.Network")
Set WshShell = WScript.CreateObject("WScript.Shell")
' *** Run through User groups and add/delete drive mappings as required
' *** Then create and analyse a string of user groups
strUserPath = "LDAP://" & objSysInfo.UserName
Set objUser = GetObject(strUserPath)
For Each strGroup in objUser.MemberOf
strGroupPath = "LDAP://" & strGroup
Set objGroup = GetObject(strGroupPath)
strGroupName = objGroup.CN
if test = 1 then msgbox(lcase(strGroupName))
Select Case lcase(strGroupName)
' *** Access to the IFD General Data ***
if test = 1 then msgbox("Mapping Drive D:")
objNetwork.MapNetworkDrive "D:", "\\SERVER\GROUPS\GENERAL"
' *** Access to the Group2 Data ***
if test = 1 then msgbox("Mapping drive G:")
objNetwork.MapNetworkDrive "G:", "\\SERVER\GROUPS\GROUP2"
' *** Access to the Group3 Data ***
if test = 1 then msgbox("Mapping Group3 drive I:")
objNetwork.MapNetworkDrive "I:", "\\SERVER\GROUPS\Group3"
if test = 1 then msgbox("Login Script End")