login script, map url attribute of membership group with 20 in it´s name:)

Is it doable or too complicated to create a login script which map the url attribute of a membership group with 20 in it´s name.
I´m tinking, something like first enumerating groups for the user, then picking the group from this list with 20 in it´s name, then grabbing the url attribute (objUser.Get("url")) of the group and mapping it as a driver letter.
Who is Participating?
TasmantConnect With a Mentor Commented:
sorry for the wait
On Error Resume Next

Set WshNetwork = CreateObject("Wscript.Network")

'Get username
strUser = WshNetwork.UserName

'LDAP Request
Set rootDSE = GetObject("LDAP://RootDSE")
strDomain = "LDAP://" & rootDSE.Get("defaultNamingContext")
strfilter = "(&(objectCategory=Person)(objectClass=User)(samaccountname=" & strUser & "))"
strAttributes = "ADsPath" 
strScope = "subtree"

'ADO Initialization
Set objConnection = CreateObject("ADODB.Connection") 
Set objcommand = CreateObject("ADODB.Command") 
objConnection.Provider = "ADsDSOObject" 
objConnection.Open "Active Directory Provider" 
objcommand.ActiveConnection = objConnection

'ADO Properties
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Cache Results") = True

'Execute Query
objCommand.CommandText = "<" & strDomain & ">;" & strFilter & ";" & strAttributes & ";" & strScope
Set objRecordSet = objCommand.Execute

'Only one record should be returned
Do Until objRecordSet.EOF

	'Bind to User
	Set objUser = GetObject(objRecordSet.Fields("ADsPath").Value)
	'Enumerate direct groups the user is member of
	For Each strGroup in objUser.GetEx("memberOf")
		'Bind to current group
		Set objGroup = GetObject("LDAP://" & strGroup)
		'Test if "20" is in the group name
		If InStr(1,objGroup.Name,"20") > 0 Then
			'Map Network Drive with the group URL attribute
			WshNetwork.MapNetworkDrive "Z:",objgroup.Url
		End If		

Open in new window

I think it's a bit more complicated what you want to achieve.
You should explain us better what is your need, how you provide information to map drives for users ...
there's a lot of way to map drivers for users, and this can be achieved with security groups (ie one map per group)

But ... to answer to your question, you can do exactly what you want with this:
You can put this code in a logon script batch file. If you set it in a script, you need to use %% syntax.

for /f "tokens=*" %%i in ('dsquery user -name %username% ^| dsget user -memberof ^| find "20"') do for /f "tokens=* skip=1" %%j in ('dsquery * %%i -attr url') do net use z: %%j

Open in new window

for /f "tokens=*" %i in ('dsquery user -name %username% ^| dsget user -memberof ^| find "20"') do for /f "tokens=* skip=1" %j in ('dsquery * %i -attr url') do net use z: %j

Open in new window

DucknaldiAuthor Commented:
Hi Tasmant

I have a lot of students in my AD, these students are members of several groups.
One of these groups is their class group and this group has the url attribute set for there class home drive.
Insted of having a policy for each class mapping this drive, I want one script to do it for all students.
The group names with the url attribute set, are all named after the year the students started on the school, like val_2000A, tin_2003B, rod_2010C etc..
Other groups are not named in the same fashion, which is why I´d like to distingiush on the number 20, since it would apply for all the relevant groups and noone else.
I do not have access to test it before monday, but it looks like you understand what I want to achieve and I think this might be it.
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

DucknaldiAuthor Commented:
Oh and by the way, class folders and the url attribute is already in place due to the existing structure, which is why I want to use it for mapping class drives also, so I can get rid of all our time demanding class home drive mapping policies.
if they are members of several groups but only one with "20" in the name, my script works.
if you want another (maybe vbs), sure we could, just need a bit more time :)
DucknaldiAuthor Commented:
I would prefer vbs, in case the script needs extra functions some day or need to be combined with existing scripts.
I haven´t tested your cmd line yet, cause today seems to be dhcp problems day:)
DucknaldiAuthor Commented:
I´d have to copy dsquery to the clients for this cmd line to work, or?
yes, or launch it within their logonscript.
if you use direct command, take the one % syntax command
if you use logon script (.bat file), take the double %% syntax command
i'll try to post the vbs soon
DucknaldiAuthor Commented:
It worked perfectly with no corrections at all.
Furthermore, I see many other uses for this script.
Thank you alot.
I just got rid of hundreds of policies thanks to you;)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.