Solved

login script, map url attribute of membership group with 20 in it´s name:)

Posted on 2011-03-04
9
421 Views
Last Modified: 2012-05-11
Is it doable or too complicated to create a login script which map the url attribute of a membership group with 20 in it´s name.
I´m tinking, something like first enumerating groups for the user, then picking the group from this list with 20 in it´s name, then grabbing the url attribute (objUser.Get("url")) of the group and mapping it as a driver letter.
0
Comment
Question by:Ducknaldi
  • 5
  • 4
9 Comments
 
LVL 11

Expert Comment

by:Tasmant
ID: 35037866
I think it's a bit more complicated what you want to achieve.
You should explain us better what is your need, how you provide information to map drives for users ...
there's a lot of way to map drivers for users, and this can be achieved with security groups (ie one map per group)

But ... to answer to your question, you can do exactly what you want with this:
You can put this code in a logon script batch file. If you set it in a script, you need to use %% syntax.


for /f "tokens=*" %%i in ('dsquery user -name %username% ^| dsget user -memberof ^| find "20"') do for /f "tokens=* skip=1" %%j in ('dsquery * %%i -attr url') do net use z: %%j

Open in new window

for /f "tokens=*" %i in ('dsquery user -name %username% ^| dsget user -memberof ^| find "20"') do for /f "tokens=* skip=1" %j in ('dsquery * %i -attr url') do net use z: %j

Open in new window

0
 
LVL 1

Author Comment

by:Ducknaldi
ID: 35044215
Hi Tasmant

I have a lot of students in my AD, these students are members of several groups.
One of these groups is their class group and this group has the url attribute set for there class home drive.
Insted of having a policy for each class mapping this drive, I want one script to do it for all students.
The group names with the url attribute set, are all named after the year the students started on the school, like val_2000A, tin_2003B, rod_2010C etc..
Other groups are not named in the same fashion, which is why I´d like to distingiush on the number 20, since it would apply for all the relevant groups and noone else.
I do not have access to test it before monday, but it looks like you understand what I want to achieve and I think this might be it.
0
 
LVL 1

Author Comment

by:Ducknaldi
ID: 35044230
Oh and by the way, class folders and the url attribute is already in place due to the existing structure, which is why I want to use it for mapping class drives also, so I can get rid of all our time demanding class home drive mapping policies.
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 11

Expert Comment

by:Tasmant
ID: 35055557
if they are members of several groups but only one with "20" in the name, my script works.
if you want another (maybe vbs), sure we could, just need a bit more time :)
0
 
LVL 1

Author Comment

by:Ducknaldi
ID: 35056268
I would prefer vbs, in case the script needs extra functions some day or need to be combined with existing scripts.
I haven´t tested your cmd line yet, cause today seems to be dhcp problems day:)
0
 
LVL 1

Author Comment

by:Ducknaldi
ID: 35059922
I´d have to copy dsquery to the clients for this cmd line to work, or?
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 35068706
yes, or launch it within their logonscript.
if you use direct command, take the one % syntax command
if you use logon script (.bat file), take the double %% syntax command
i'll try to post the vbs soon
0
 
LVL 11

Accepted Solution

by:
Tasmant earned 500 total points
ID: 35083516
sorry for the wait
On Error Resume Next

Set WshNetwork = CreateObject("Wscript.Network")

'Get username
strUser = WshNetwork.UserName

'LDAP Request
Set rootDSE = GetObject("LDAP://RootDSE")
strDomain = "LDAP://" & rootDSE.Get("defaultNamingContext")
strfilter = "(&(objectCategory=Person)(objectClass=User)(samaccountname=" & strUser & "))"
strAttributes = "ADsPath" 
strScope = "subtree"

'ADO Initialization
Set objConnection = CreateObject("ADODB.Connection") 
Set objcommand = CreateObject("ADODB.Command") 
objConnection.Provider = "ADsDSOObject" 
objConnection.Open "Active Directory Provider" 
objcommand.ActiveConnection = objConnection

'ADO Properties
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Cache Results") = True

'Execute Query
objCommand.CommandText = "<" & strDomain & ">;" & strFilter & ";" & strAttributes & ";" & strScope
Set objRecordSet = objCommand.Execute

'Only one record should be returned
Do Until objRecordSet.EOF

	'Bind to User
	Set objUser = GetObject(objRecordSet.Fields("ADsPath").Value)
	
	'Enumerate direct groups the user is member of
	For Each strGroup in objUser.GetEx("memberOf")
		
		'Bind to current group
		Set objGroup = GetObject("LDAP://" & strGroup)
			
		'Test if "20" is in the group name
		If InStr(1,objGroup.Name,"20") > 0 Then
			
			'Map Network Drive with the group URL attribute
			WshNetwork.MapNetworkDrive "Z:",objgroup.Url
			
		End If		
	Next
	objRecordSet.MoveNext
Loop

Open in new window

0
 
LVL 1

Author Closing Comment

by:Ducknaldi
ID: 35095341
It worked perfectly with no corrections at all.
Furthermore, I see many other uses for this script.
Thank you alot.
I just got rid of hundreds of policies thanks to you;)
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Well hello again!  Glad to see you've made it this far without giving up.  In this, the fourth installment of my popular series, I'm going to cover functions and subroutines, what they are, and why they are useful.  Just in case you stumbled onto th…
When it comes to writing scripts for a Client/Server computing environment it is essential to consider some way of enabling the authentication functionality within a script. This sort of consideration mainly comes into the picture when we are dealin…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now