Need a good example for server 2008 login script
I want to use the preferences, but it is not working well in this setup I have for some reason. So I need to setup a login script, via a bat file because I dont know vbscript at all.
I have 4 drives that need mapped to 4 different OU's that the users belong to. So I need to know how to setup the bat file for the 4 drive mappings with the net use command... So if someone could show me a good example on what to do or where I can find a good example for settig this up.. I know I can use the %username% in each one but not sure how to make the users go to the right drive mapping inside of the one login script for their particular OU that they belong to.
I have 4 drives that need mapped to 4 different OU's that the users belong to. So I need to know how to setup the bat file for the 4 drive mappings with the net use command... So if someone could show me a good example on what to do or where I can find a good example for settig this up.. I know I can use the %username% in each one but not sure how to make the users go to the right drive mapping inside of the one login script for their particular OU that they belong to.
ASKER
Like I said I cant get the drive mappings via the prefernces for some reason... The gpo gets applied but I never see the drive mapping...
Are you applying the group policies to OU's that have users in rather than computers?
If you move your user in to an OU, create a group policy just for your user for a network share you know you have access to, then run gpupdate /force on your computer, restart and then login, what happens?
Are you using Windows XP computers? If so, have you installed the group policy extensions?
If you move your user in to an OU, create a group policy just for your user for a network share you know you have access to, then run gpupdate /force on your computer, restart and then login, what happens?
Are you using Windows XP computers? If so, have you installed the group policy extensions?
ASKER
I have the policy setup to ou's that I have the users in and they are logging into a TS which is 2003 R2 which I did install the server 2003 client side ext on..
If it's a TS server then you will need to enable the loopback policy, http://support.microsoft.com/kb/231287
ASKER
already did that
And if you run Rsop.msc does it show that those settings have been applied.
If it does it would suggest the client side extensions have not been installed or are not installed correctly.
You installed this: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=bfe775f9-5c34-44d0-8a94-44e47db35add&displaylang=en
If it does it would suggest the client side extensions have not been installed or are not installed correctly.
You installed this: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=bfe775f9-5c34-44d0-8a94-44e47db35add&displaylang=en
ASKER
Yes it does show the GP being applied but no drive letter. Like I said I downloaded the 2003 clnt side ext and installed them. I installed them 2 times but made no difference...
Any errors in the event log to say why it hasn't been done?
this is a vbscript but it's well laid out and documented. just scan thru it until you see #################### thats where the 'instructions' are and just below that is the section that would include your modifiications. in the example below it would map the the static S: to everyone, the H: to the users homespace and if they are a member of the Exec Group it will map the M: drive and a printer.
create and assign a gpo to the OU that contains the users in question.
(you could assign the script to A/D groups or by OU as you wish)
open the gpo and navigate to: Users -> Policies -> Windows Settings -> scripts -> logon
click 'show files' (perhaps put a shortcut to this folder on desktop for ez access during setup)
put script in that folder
then click 'Add' and select the script you just put in the folder.
done.
the only thing outside the ####### that you may wish to change is the name of the log file on the 8th line
strLogName = "LogonScript.log" (it gets saved into the users profile temp folder at each login)
create and assign a gpo to the OU that contains the users in question.
(you could assign the script to A/D groups or by OU as you wish)
open the gpo and navigate to: Users -> Policies -> Windows Settings -> scripts -> logon
click 'show files' (perhaps put a shortcut to this folder on desktop for ez access during setup)
put script in that folder
then click 'Add' and select the script you just put in the folder.
done.
the only thing outside the ####### that you may wish to change is the name of the log file on the 8th line
strLogName = "LogonScript.log" (it gets saved into the users profile temp folder at each login)
'$$$$ Version 2006-10-11 $$$$
'Compiled/Written by Johan Greefkes, 2004-2006
Option Explicit
Dim strLogName, bolWriteLog, bolManagePrinters, bolEnableCrossDomain
strLogName = "LogonScript.log" ' Filename of log to write to in the temp folder.
bolWriteLog = True ' Toggles log-writing. I like it on, you may like it off.
bolManagePrinters = True ' Disable for Windows 9x clients.
bolEnableCrossDomain = False ' Toggles Cross Domain Authentication. Reads registry to obtain NetBIOS domain for the machine.
'Script Begins Here
Dim objFSO, objNetwork, objDrives, objDict, objComputer, objShell, objFileSystem, objLogFile, objRootDSE, objTrans, strPDrive
Dim strComputerName, strDomain, strUser, strAdsPath, strNetBIOSDomain, strDNSDomain, strTemp, strLogPath, i
Set objFSO = WScript.CreateObject("Scripting.FileSystemObject")
Set objNetwork = WScript.CreateObject("Wscript.Network")
Set objDrives = objNetwork.EnumNetworkDrives
Set objShell = WScript.CreateObject("WScript.Shell")
strComputerName = objNetwork.ComputerName
strDomain = objNetwork.UserDomain
strUser = objNetwork.UserName
strAdsPath = strDomain & "/" & strUser
If bolEnableCrossDomain then
On error resume next
strNetBIOSDomain = objShell.RegRead _
("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName")
if Not err.number = 0 then
MsgBox "Problem reading the computer's domain name from the Registry." & chr(10) & _
"Please set ""bolEnableCrossDomain"" to False", vbCritical, "Logon Script Error"
wscript.quit
end If
on error GoTo 0
Else
strNetBIOSDomain = strDomain
end If
Set objComputer = GetObject("WinNT://" & strNetBIOSDomain & "/" & strComputerName & ",computer")
strTemp = objshell.ExpandEnvironmentStrings("%TEMP%")
strLogPath = strTemp & "\" & strLogName '"
set objFileSystem = WScript.CreateObject("Scripting.FileSystemObject")
if bolWriteLog then 'initialize log file
on error resume next
Set objLogFile = objFileSystem.OpenTextFile(strLogPath, 2, True) '"
writelog "############### Start Login Script ##################"
if not err.number = 0 then
msgbox "There was a problem opening the log file for writing." & chr(10) & _
"Please check whether """ & strLogPath & """ is a valid file and can be openend for writing." & _
chr(10) & chr(10) & "If you're not sure what to do, please contact your support person.",vbCritical, "Logon Script Error"
wscript.quit
end if
on error goto 0
end if
'############################### ###############################
'############################### INSTRUCTIONS ###############################
'############################### ###############################
'Check for user group membership with isMember:
'isMember will write an entry in the log file when a user is in the group
'if isMember("groupname") then
' commands here
'end if
'Check for computer group membership with isMember: (usefull for location specific printer creation)
'isComputerMember will write an entry in the log file when a user is in the group
'if isComputerMember("groupname") then
' commands here
'end if
'Map drives with DriveMapper:
'DriveMapper "Drive:", "\\Server\share"
'Add Printers with AddPrinter:
'AddPrinter "\\Server\Printername"
'Set a default printer with SetPrinterDefault (printer has to exist, or this will not work)
'SetPrinterDefault "\\Server\Printername"
'Remove Printers with RemovePrinter:
'RemovePrinter "\\Server\Printername"
'Remove All Printers from a Server with RemovePrintersFromServer. Handy when you retire a windows print server.
'RemovePrintersFromServer "Servername"
'Execute any file with Run:
'Run "c:\windows\notepad.exe"
'Run "\\server\share\script.vbs"
'Copy files with FileCopy(source, target):
'FileCopy "\\server\share\*.txt", "c:\temp\"
'NOTE: copies are not recursive, and wildcards can only exists in the file level.
'NOTE: Users must have permission to write files in the target location
'Write an entry to the log file with WriteLog():
'writelog("some text here")
'Set user environment variables with PutEnv:
'PutEnv "Variablename", "VariableValue"
'A log file will be placed in the user's temp directory and will
'be named to the ScriptLogName variable set above.
'############################### CHANGE ###############################
'############################### SCRIPT ###############################
'############################### BELOW ###############################
' Static mapping
DriveMapper "S:","\\Server1\Share"
DriveMapper "H:","\\Server1\HOME\" & strUser
' Membership mapping
if isMember("Executive Team") Then
DriveMapper "M:","\\Server1\Exec"
AddPrinter "\\Server2\Executive"
end if
'######################### ^^CHANGE SCRIPT ABOVE^^ ##########################
'######################### Subs 'n Functions Below #########################
'############################## DO NOT CHANGE ##############################
writelog "################ End Login Script ###################"
Set objNetwork = Nothing
Set objDrives = Nothing
Set objComputer = Nothing
Set objShell = Nothing
Set objFileSystem = Nothing
Set objLogFile = Nothing
Wscript.Quit
Function IsMember(sGroup)
Dim oDict, oUser, oGroup
If IsEmpty(oDict) Then
Set oDict = CreateObject("Scripting.Dictionary")
oDict.CompareMode = vbTextCompare
Set oUser = GetObject("WinNT://" & strAdsPath & ",user")
For Each oGroup In oUser.Groups
oDict.Add oGroup.Name, "-"
Next
Set oUser = Nothing
End If
IsMember = CBool(oDict.Exists(sGroup))
if IsMember and bolWriteLog then objLogFile.WriteLine(Now() & ": Success: User is member of " & sGroup)
End Function
Function IsComputerMember(sGroup)
Dim oGroup
on error resume next
Set oGroup = GetObject("WinNT://" & strDomain & "/" & sGroup & ",group")
IsComputerMember = CBool(oGroup.IsMember(objComputer.ADsPath & "$"))
if IsComputerMember and bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Computer is member of " & sGroup)
Set oGroup = Nothing
If not Err.Number = 0 Then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Failed : IsComputerMember could not locate group " & sGroup)
end if
on error goto 0
End Function
sub WriteLog(sEntry)
if bolWriteLog then objLogFile.WriteLine(Now() & ": Log: " & sEntry)
End Sub
Sub DriveMapper(sDrive, sShare)
For i = 0 To objDrives.Count -1 Step 2
if LCase(sDrive) = LCase(objDrives.Item(i)) Then
if not LCase(sShare) = LCase(objDrives.Item(i+1)) Then
objNetwork.RemoveNetworkDrive sDrive, True, True
Else
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Connect """ & sDrive & """ to share """ & _
sShare & """ (previously connected)")
Exit Sub
End if
End If
Next
on error Resume Next
objNetwork.MapNetworkDrive sDrive, sShare, True
If Err.Number = 0 Then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Connect """ & sDrive & """ to share """ & sShare & """")
else
if bolWriteLog then objLogFile.WriteLine(Now() & ": Failed: Connect """ & sDrive & """ to share """ & sShare & """")
end if
on error goto 0
End Sub
sub AddPrinter(sPrinterUNC)
on error resume next
if not bolManagePrinters then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Printer connection skipped because disabled (" & _
strUser & " on " & strComputerName & ")")
else
objNetwork.AddWindowsPrinterConnection sPrinterUNC
If Err.Number = 0 Then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Connect to printer: " & sPrinterUNC)
else
if bolWriteLog then objLogFile.WriteLine(Now() & ": Failed: Connect to printer: " & sPrinterUNC)
end if
end if
on error goto 0
end sub
sub RemovePrinter(sPrinterUNC)
dim oPrinters
Set oPrinters = objNetwork.EnumPrinterConnections
For i = 0 to oPrinters.Count - 1 Step 2
if uCase(oPrinters.Item(i+1)) = uCase(sPrinterUNC) then
on error resume next
objNetwork.RemovePrinterConnection sPrinterUNC, true, true
If Err.Number = 0 Then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Remove printer: " & sPrinterUNC)
else
if bolWriteLog then objLogFile.WriteLine(Now() & ": Failed: Remove printer: " & sPrinterUNC)
end if
on error goto 0
exit sub
end if
Next
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Remove printer: " & sPrinterUNC & " (Printer did not exist)" )
set oPrinters = Nothing
end sub
sub RemovePrintersFromServer(sServerName)
dim oPrinters, aPrinter
if bolWriteLog then objLogFile.WriteLine(Now() & ": Removing all printers from: " & ucase(sServerName))
Set oPrinters = objNetwork.EnumPrinterConnections
For i = 0 to oPrinters.Count - 1 Step 2
on error resume next
aPrinter = split(uCase(oPrinters.Item(i+1)),"\",-1, 1) '"
if not UBound(aPrinter) = 0 then 'this is not a local printer, process code
if aPrinter(2) = ucase(sServerName) then
objNetwork.RemovePrinterConnection oPrinters.Item(i+1), true, true
If Err.Number = 0 Then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Remove printer: " & oPrinters.Item(i+1))
else
if bolWriteLog then objLogFile.WriteLine(Now() & ": Failed: Remove printer: " & oPrinters.Item(i+1))
end if
end if
end if
aPrinter = ""
on error goto 0
next
if bolWriteLog then objLogFile.WriteLine(Now() & ": Removed all printers from: " & ucase(sServerName))
end sub
sub SetPrinterDefault(sPrinterUNC)
on error resume next
if not bolManagePrinters then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Default printer to " & sPrinterUNC & _
" skipped because disabled (" & strUser & " on " & strComputerName & ")")
else
objNetwork.SetDefaultPrinter sPrinterUNC
If Err.Number = 0 Then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Set as Default: " & sPrinterUNC)
else
if bolWriteLog then objLogFile.WriteLine(Now() & ": Failed: Set as Default: " & sPrinterUNC)
end if
end if
on error goto 0
end sub
Sub PutEnv(sName, sValue)
Dim oEnv
Set oEnv = objShell.Environment("USER")
oEnv(sName) = sValue
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Set user variable """ & sName & """ to: """ & sValue & """")
Set oEnv = Nothing
End Sub
Sub Run(ByVal sFile)
on error resume next
objShell.Run Chr(34) & sFile & Chr(34), 1, false
If Err.Number = 0 Then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Execute: " & sFile)
else
if bolWriteLog then objLogFile.WriteLine(Now() & ": Failed: Execute: " & sFile)
end if
on error goto 0
End Sub
Sub FileCopy(sSource, sTarget)
on error resume next
objFileSystem.CopyFile sSource, sTarget
If Err.Number = 0 Then
if bolWriteLog then objLogFile.WriteLine(Now() & ": Success: Copy: " & sSource & " to " & sTarget)
else
if bolWriteLog then objLogFile.WriteLine(Now() & ": Failed: Copy: " & sSource & " to " & sTarget)
end if
on error goto 0
End SubASKER
i dont know vbscript at all so don want to use it...
ASKER
nothing in the event viewer which makes no sense
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
co workers vb script
Create one for each OU and map the drive there.
See here for how: http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx