Solved

VBS Windows login script problems with Windows 7 / IE 8 Protected mode

Posted on 2011-03-10
6
1,370 Views
Last Modified: 2012-06-27
I'm trying to troubleshoot a visual basic script used for a Windows login script.  No problems with XP and IE 8, but under Windows 7 and IE 8 the script executes but fails to correctly display the ie.document output.  Turning off UAC (which also disables IE protected mode) or turning off protected mode on the internet zone resolves the issue.  The IE object is showing up in the local intranet zone which does have protected mode off by default.  (Not sure why turning off protected mode on the "internet" zone is effecting something in the "local intranet" zone.

There are three components: the vbs script, a login.htm page for display and a XML file that references the drive mappings.

I've tried using navigate2 instead of navigate, putting a mark of the web on the login.htm file, changing everything to use the login.htm file local and not over unc, and moving the navigate call down to right after .visible=1 call.  (Strangely enough, moving the navigate call does finally display the object with the correct size but missing the ie.doucment calls displaying information.)

I'm an admin and not a coder so be patient.  

Thanks

<Settings
Domain="widget.com"
LSV="1.1"
IEPath="\loginwin7.htm">
<Groups GroupName="GG Map Nedesign I drive">
    <Map DriveLetter="I:" Share="\\nas2\nedesign\shared" FName="File Share I:"/>
</Groups>

<Groups GroupName="GG Map Nedesign J drive">
    <Map DriveLetter="J:" Share="\\nas2\nedesign\users" FName="File Share J:"/>
</Groups>


</Settings>

Open in new window

<html>
<style type="text/css">
<!--
body { background-image: URL(login.jpg); background-repeat: no-repeat ;background-position: 0px 0px}
body { background-color: #AEAEAE}
h1 {position: absolute;top: 61px;left: 250px}
-->
.style1 {
    color: #63B380;
    font-weight: bold;
}
.style4 {color: #63B380;
    font-weight: bold;
}

</style>
<head>
<title>Login script</title>
</head>

<body topmargin="0" leftmargin="0" SCROLL="no">

<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="383" cellpadding="0" id="AutoNumber1" height="402">
<!-- <table width="383" height="380" border="0">-->
<tr>
<td height="63" colspan="2"> </td>
</tr>
<tr>
<td height="33"><div align="center" class="style4"><p><font face="Arial" size="2" ID=Msg1> </Font></div></td>
<td height="33"> </td>
</tr>
<tr>
<td width="247"> </td>
<td width="126" rowspan="2" valign="middle"><table width="125" height="68" border="0">
<tr>
<td width="115"><div align="center">
</div></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><font face="Arial" size="1">      C Drive Space:</font><div align="center"><font face="Arial" size="1" id=Disk_space></font></div></td>
</tr>
<tr>
<td><font face="Arial" size="1">      IP Address:</font><div align="center"><font face="Arial" size="1" id=IP_Address></font></div></td>
</tr>
<tr>
<td><div align="center">
</div></td>
</tr>
<tr>
<td><font face="Arial" size="1">      Date:</font><div align="center"><font face="Arial" size="1" id=date_time></font></div></td>
</tr>
<tr>
<td><font face="Arial" size="1">      WSH Version:</font><div align="center"><font face="Arial" size="1" id=WSH></font></div></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><div align="center">
<input type="checkbox" name="holdit" value="ON" checked>
 <font face="Arial" size="1">Auto Close</font></div></td>
</tr>
<tr>
<td><div align="center"><font face="Arial" size="1" id=versionID></font> </div></td>
</tr>
</table></td>
</tr>
<tr>
<td height="258"><textarea rows="17" name="wstatus" cols="48" style="font-family: Arial; font-size: 8pt"></textarea></td>
</tr>
<tr>
<td height="27" colspan="2"><div align="center"><span class="style1"><font face="Arial" size="1" color="red" id=error></font></span></div></td>
</tr>
</table>
</body>
</html>

Open in new window

On Error Resume Next
strComputer = "."
Dim fso,fold,fil,XMLDoc,scripterror
Const HKEY_LOCAL_MACHINE = &H80000002
Const DeleteReadOnly = True
Const ADS_READONLY_SERVER = 4
Const HARD_DISK = 3
Set WshNetwork = CreateObject("WScript.Network")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set xmlDoc = CreateObject("Msxml2.DOMDocument")
Set IE = CreateObject("InternetExplorer.Application")
Set WshShell = CreateObject("WScript.Shell")
Set objReg=GetObject("winmgmts:{impersonationlevel=impersonate}!\\" & strcomputer & "\root\default:stdregprov")
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set WshProcessEnvironment = WshShell.Environment("Process")
'WshNetwork.RemoveNetworkDrive "w:",true,true
'WshNetwork.RemoveNetworkDrive "k:",true,true
'WshNetwork.RemoveNetworkDrive "g:",true,true
'WshNetwork.RemoveNetworkDrive "j:",true,true
'WshNetwork.RemoveNetworkDrive "i:",true,true
'WshNetwork.RemoveNetworkDrive "l:",true,true

LogonPath = objFSO.GetParentFolderName(WScript.ScriptFullName)

strfile = LogonPath&"\scriptnewin7.xml"
EnvWinDir = WshProcessEnvironment("windir")

'''''''''''''''''''''''''''''''''''''''''''''
'            Get Script Settings                '
'''''''''''''''''''''''''''''''''''''''''''''
xmlDoc.load(strfile)
Set ElemList = xmlDoc.getElementsByTagName("Settings")
For Each elem In ElemList
    For Each itm In elem.Attributes
    If itm.nodeName = "IETitlebar" Then
        strTitle_Bar = itm.Text
End If
If itm.nodeName = "Domain" Then
    strlocaldname = itm.Text
End If
If itm.nodeName = "LSV" Then
    strversionid = itm.Text
End If
If itm.nodeName = "IEPath" Then
    striepath = LogonPath&itm.Text
End If
Next
Next

On Error Resume Next
Dim strUser
Set WSHNetwork = CreateObject("WScript.Network")
While strUser = ""
WScript.Sleep 10 
    strUser = WSHNetwork.UserName
WEnd

adsPath = "WinNT://" & strlocaldname & "/" & strUser
Set dso = GetObject("WinNT:")
Set objUser = dso.OpenDSObject(adsPath,"","", ADS_READONLY_SERVER)
strUserfull = objuser.fullname


Call LogonScriptSync()
Call CreateIE()
Call Salutation()

'''''''''''''''''''''''''''''''''''''''''''''
'            Map Network Drives                '
'''''''''''''''''''''''''''''''''''''''''''''

strStatus = "Checking network status..."
ie.document.all.wstatus.InnerText = strStatus
strStatus = strStatus & " Complete"
ie.document.all.wstatus.InnerText = strStatus
strStatus = strStatus & VbCrLf & "Mapping network drives..."

For Each group In objUser.groups
        Set groupList = xmlDoc.getElementsByTagName("Groups")
            For Each elem In groupList
                For Each itm In elem.Attributes
                    If group.name = itm.Text Then
                        strStatus = strStatus & VbCrLf & "Member of: " & group.name
                ie.document.all.wstatus.InnerText = strStatus
                    For Each Mapping In elem.selectNodes("Map")
                        For Each map In Mapping.Attributes
                            If map.nodename = "DriveLetter" Then
                                strDriveLetter = map.text
                                If strDriveLetter = "*" Then
                                    Call NextAvailable()
                                End If
                            End If
                            If map.nodename = "Share" Then
                                strShare = map.text
                            End If
                            If map.nodename = "FName" Then
                                strFName = map.text
                                If strFName = "UserDirH" Then
                                    Call UserDirH()
                                ElseIf strFName = "UserDir" Then
                                    Call UserDir()
                                End If
                            End If
                    Next
                    MapDrive strDriveLetter,strShare,strFName,"false",strUser
                    Next
                End If
            Next
        
        Next
Next



strStatus = strStatus & vbCRLF & "Network Logon Complete..."
ie.document.all.wstatus.InnerText = strStatus
Wscript.Sleep 1000

If scripterror = 1 Then
        strStatus = strStatus & vbCRLF & "***Error detected in Login Script***"
        ie.document.all.Error.InnerText = "Please contact the Service Desk"
        strStatus = strStatus & VbCrLf & "You must close script manually"
        ie.document.all.wstatus.InnerText = strStatus
Else
        If ie.document.all.holdit.checked Then
            ie.quit()
        End If
End If


'''''''''''''''''''''''''''''''''''''''''''''
'             Subroutines                    '
'''''''''''''''''''''''''''''''''''''''''''''
Sub Salutation ()
    If Hour(Now) < 12 Then
        strWelcome = "Good Morning "
    ElseIf Hour(Now) < 18 Then
        strWelcome = "Good Afternoon "
    Else
        strWelcome = "Good Evening "
    End If
    
    
    Set colDisks = objWMIService.ExecQuery _
                        ("Select * FROM Win32_LogicalDisk Where DriveType = " & HARD_DISK & "")
    For Each objDisk In colDisks
        strDisk_space = round((objDisk.FreeSpace / 1000000000), 2) & " GB"
    Next    
    Set colAdapters = objWMIService.ExecQuery _
                        ("Select * from Win32_NetworkAdapterConfiguration Where IPEnabled = True")
    For Each objAdapter in colAdapters
    strIP_Address = objAdapter.IPAddress(i)
    Next
    

strdate_time = Date    
ie.document.all.Msg1.InnerText = strWelcome & struserfull
ie.document.all.date_time.InnerText = strdate_time
ie.document.all.disk_space.InnerText = strDisk_Space
ie.document.all.IP_Address.InnerText = strIP_address
ie.document.all.WSH.InnerText = wscript.Version
ie.document.all.versionid.InnerText = strversionid
End Sub

Sub CreateIE()
With IE
.navigate striepath
'.navigate "about:blank"
.resizable=0
.height=450
.width=390
.menubar=0
.toolbar=0
.statusBar=0
.visible=1
End With
Do while ie.Busy
Wscript.Sleep 100
Loop
WshShell.AppActivate("Login script")
End Sub

Sub NextAvailable ()
    set objFS=CreateObject ("Scripting.FileSystemObject")
    set colDrives=objFS.Drives
    letter=Asc("C")
    while objFS.DriveExists(Chr(letter)+":")
    letter=letter+1
    Wend
    strdriveletter = UCASE(Chr(letter))+":"
End Sub

Sub MapDrive(strDriveLetter,strShare,strFName,strProfile,strUser)
    On Error Resume Next
    strStatus = strStatus & VbCrLf & "Connecting " & strDriveLetter & "\ to " & strFName & "..."
    ie.document.all.wstatus.InnerText = strStatus
    WSHNetwork.MapNetworkDrive strDriveLetter, strShare, strProfile, strUser
    If Err.Number Then
        strStatus = strStatus & " Error"
        ie.document.all.wstatus.InnerText = strStatus
        Call error_log()
        scripterror = 1
    End If
    Err.clear
End Sub

Sub error_log()
    Set objTextFile = objFSO.OpenTextFile ("C:\Scripterror.log", 8, True)
    objTextFile.WriteLine("Login Script Version: " & strversionid & " DriveMapping " & strDriveLetter & " to " & strShare & " on " & Date &"; " & Time() & " Failed to map due to " & Err.Number & " " & err.description)
    objTextFile.Close
End Sub    

Sub LogonScriptSync
    WSHShell.RegWrite 
End Sub    


Sub UserDirH()
    strShare = strShare & strUser & "$"
End Sub

Sub UserDir()
    strShare = strShare & strUser
End Sub

Open in new window

0
Comment
Question by:klschne
  • 3
  • 2
6 Comments
 
LVL 1

Expert Comment

by:robertodf
ID: 35095789
What information are you trying to display to the users?

Have you considered using only batch files to do the mappings?

Do you have a  screen capture of the displayed screen on the computers where the script is working fine?

Regards,
0
 

Author Comment

by:klschne
ID: 35095971
The script displays the results of the drive mappings, contact information on failures, a greeting and a few pieces of system information such as IP and free c: drive space.

No, I don't think I'd revert to a batch file.  Worse case would be eliminating the Createobject.InternetExplorer subsection as the script does successfully map the drives under win7.

Screen captures of both success and failure added.

failure.png
success.png
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 35100310
The Protected Mode should work from the Intranet zone, you'd just need to make sure that the server housing the script is detected as being in your Intranet.  Try putting the full address to the same file in IE, and see what it picks it up as.  Worst case I guess is that you add the server to your Trusted Sites zone and turn off Protected Mode there.

Regards,

Rob.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Assisted Solution

by:klschne
klschne earned 0 total points
ID: 35109317
I had no luck putting server names (short or fqdn) in local intranet or even trusted.  However, your comment prompted me to do something else.

I unchecked "Automatically detect intranet network" off on and unchecked "Include all network paths (UNC)" from the Sites button under the Local Intranet zone in IE and it solved the problem.

When I verify which zone the script runs in successfully, it's "Internet" !?!  If I add the serer name to the Local Intranet zone after the UNC change on sites, it actually breaks it again.  Very odd.

Any thoughts?  Otherwise, would you be ok with partial points?
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 250 total points
ID: 35135312
In my Tools --> Internet Options --> Local Intranet --> Sites I have the top one unticked, and the rest ticked.  Then you shouldn't need to list the site in any other zone.  That's odd.....I'm OK with partial points if you have a working solution.

Regards,

Rob.
0
 

Author Closing Comment

by:klschne
ID: 35174512
Rob's comments led me to look closer and the zones the script executed under and test and change IE settings to find a resolution without disabling protected mode or UAC.

I had thought this would be a scripting side problem and would require a change in the script.  I hadn't considered it would be resolved by IE.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

One of the features I've come to appreciate about Windows 7 and Windows Server 2008 R2 is the ability to pin applications to the task bar. As useful a feature as I've found this, it does have some quirks.  For example, have you ever tried pinning an…
This article is the result of a quest to better understand Task Scheduler 2.0 and all the newer objects available in vbscript in this version over  the limited options we had scripting in Task Scheduler 1.0.  As I started my journey of knowledge I f…
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now