LSB-IT
asked on
Windows 2008 VBscript problem. Group within a group...
We have a login script that maps drives based on groups. We have been using this script on windows 2003 with no problems. The scripts actually will run on a 2008 server as this is a terminal server. If I put a user directly in the group that we have in the login script it works fine, however if there is a group within the group that we call in the login script it does not work. Again it works fine on 2003 but will not work on 2008.
Thanks
Thanks
Please post the script so I can take a look at it..
ASKER
I have tried two differant scripts. Here is one of them. (both work on 2003)
' VBScript to map drives based on group membership
'------------------------- ---------- ---------- ------
On Error Resume Next
Set WshNetwork = CreateObject("WScript.Netw ork")
DomainString = WshNetwork.UserDomain
UserString = WshNetwork.UserName
Set UserObj = GetObject("WinNT://" & DomainString & "/" & UserString)
'unmap all drives
'WshNetwork.RemoveNetworkD rive "G:",true,true
'WshNetwork.RemoveNetworkD rive "W:",true,true
'WshNetwork.RemoveNetworkD rive "X:",true,true
For Each GroupObject In UserObj.Groups
Select Case GroupObject.Name
Case "G Drive Map"
WshNetwork.MapNetworkDrive "G:", "\\server\share"
Case "Group 2"
WshNetwork.MapNetworkDrive "Y:", "\\<Server>\<Share>"
Case "Group 3"
WshNetwork.MapNetworkDrive "X:", "\\<Server>\<Share>"
End Select
Next
WScript.Quit
' VBScript to map drives based on group membership
'-------------------------
On Error Resume Next
Set WshNetwork = CreateObject("WScript.Netw
DomainString = WshNetwork.UserDomain
UserString = WshNetwork.UserName
Set UserObj = GetObject("WinNT://" & DomainString & "/" & UserString)
'unmap all drives
'WshNetwork.RemoveNetworkD
'WshNetwork.RemoveNetworkD
'WshNetwork.RemoveNetworkD
For Each GroupObject In UserObj.Groups
Select Case GroupObject.Name
Case "G Drive Map"
WshNetwork.MapNetworkDrive
Case "Group 2"
WshNetwork.MapNetworkDrive
Case "Group 3"
WshNetwork.MapNetworkDrive
End Select
Next
WScript.Quit
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
To clarify - the WinNT provider may have allowed for recursive lookup in 2003, but since NT is not supported in 2008, the WinNT provider may no longer be valid, either. And since you have On Error Resume Next in there, it wouldn't even bother to tell you the error. If you want to verify, then comment out that line and try to run it on your 2008 server and see what happens.
-exx
-exx
ASKER
I am not a VB guy at all, I just find scripts that I need and change them to fit my environment. If I shouldn’t use the WinNT provider should I be using a different script? I also don’t want to slow down login scripts, we are having issues with that already so the faster the better.
ASKER
Oh I forgot to mention that I dont get any errors at all. The script runs fine, just doesnt look past the root of the group.
If you're not a VB guy (not capable of modifying/rewriting/mergin g the code you're asking for), then you'll need someone to write it for you. In that case, this question isn't enough points..
You'll also need to supply more information.
As far as "should I be using a different script", well, you probably just need to modify that one to use the LDAP provider, and then use the recursive IsMember function that's in that post I referenced above, and you'd be fine..
You'll also need to supply more information.
As far as "should I be using a different script", well, you probably just need to modify that one to use the LDAP provider, and then use the recursive IsMember function that's in that post I referenced above, and you'd be fine..
ASKER
Thanks, I will try and get one working. If not I will post another question worth more points.
Thanks
Thanks
Sounds good. I'll keep an eye out in case you still need help.
-exx
-exx
That post I referenced was long. This is the function you want to do nested group membership evaluation.
Feed it the ADSPath of the group and it will return true or false.
Feed it the ADSPath of the group and it will return true or false.
Function IsMember(GroupName)
wscript.echo groupname
Set oGroup = GetObject(groupname)
Set members = oGroup.members
For Each member In members
If member.class = "user" Then
If member.Name = UserName Then
IsMember = True
Exit Function
End If
Else
If member.class = "group" Then
If IsMember(member.adspath) Then
IsMember = True
Exit Function
End If
End If
End If
Next
IsMember = False
End Function