First Last
asked on
Consolidating Logon Scripts
I've recently been tasked with reorganizing my company's group policies and one of the things I'd like to do is consolidate the 6 different GPOs which are used to map network drives for 6 different departments into one logon script. Basically I'd like to say in the script that if they are a member of a particular group then they get a particular drive mapped. I'm not well versed with VBS but can do a basic batch file with the net use command. I'd appreciate any advice for syntax to make this work, thanks!
ASKER
That looks like a 3rd party tool which sounds like it would be pretty cool but I'd prefer to keep it simple and use the operating system's built in ability to do this. Thank you for the link though, it looks very interesting!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
sorry just noticed your preference on using built in tools!
You can find many example of VB Scripts that will map network drives based on group membership with a google search, you can just have the one script then.
Here is some code I have used for some previous logon scripts.
Const ADS_NAME_TYPE_1779 = 1
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_INITTYPE_DOMAIN = 1
sDomain = Replace(Replace(UCase(GetObject("LDAP://rootDSE").Get("defaultNamingContext")), "DC=", ""), ",", "")
Set oWShell = CreateObject("WScript.Shell")
Set oNetwork = CreateObject( "WScript.Network")
Set oTranslate = CreateObject("NameTranslate")
bForceDisconnect = True ' True/False - Force disconnect of existing drive mappings before mapping new drives
bPersistentMappings = True ' True/False - Drive mappings will remain at next logon, even if not connected to network
Do While oNetwork.UserName = ""
WScript.Sleep 250
Loop
sUserName = oNetwork.UserName
oTranslate.Init ADS_NAME_INITTYPE_DOMAIN, sDomain
oTranslate.Set ADS_NAME_TYPE_NT4, sDomain & "\" & sUserName
Set oADUser = GetObject("LDAP://" & oTranslate.Get(ADS_NAME_TYPE_1779))
Set oGroupMembership = CreateObject("Scripting.Dictionary")
oGroupMembership.CompareMode = vbTextCompare
For Each oGroup In oADUser.Groups
RecurseGroup(oGroup.ADsPath)
Next
Set dMappedDrives = CreateObject("Scripting.Dictionary")
dMappedDrives.CompareMode = vbTextCompare
Call BuildMappedDrivesDictionary()
If CheckGroup("My Test Group") Then _
MapDrive "Z:", "\\myserver\myfolder"
Function CheckGroup(sGroup)
On Error Resume Next
CheckGroup = oGroupMembership.Exists(sGroup)
End Function
Function RecurseGroup(sADsPath)
On Error Resume Next
Set oRGroup = GetObject(sADsPath)
oGroupMembership.Add Replace(oRGroup.Name,"CN=",""), True
oRGroup.GetInfo
Err.Clear
cMemberOf = oRGroup.GetEx("memberOf")
If Err.Number <> 0 Then Exit Function
For Each sMemberOf In cMemberOf
RecurseGroup("LDAP://" & sMemberOf)
Next
End Function
Sub MapDrive(sDrive, sNewShare)
On Error Resume Next
'
' Check to see if the path is already mapped to the requested location
'
If dMappedDrives.Exists(sNewShare) Then
If dMappedDrives.Item(sNewShare) = UCase(sDrive) Then
Exit Sub
Else
If bForceDisconnect = True Then
oNetwork.RemoveNetworkDrive dMappedDrives.Item(sNewShare), True, True
dMappedDrives.Remove(dMappedDrives.Item(sNewShare))
dMappedDrives.Remove(sNewShare)
End If
Err.Clear
End If
End If
'
' Loop through drives to check if there is an existing mapping
'
If dMappedDrives.Exists(UCase(sDrive)) Then
If UCase(dMappedDrives.Item(sDrive)) = UCase(sNewShare) Then
Exit Sub
Else
If bForceDisconnect = True Then
Err.Clear
oNetwork.RemoveNetworkDrive sDrive, True, True
If Err.Number <> 0 Then Exit Sub
dMappedDrives.Remove(dMappedDrives.Item(sDrive))
dMappedDrives.Remove(sDrive)
Else
Exit Sub
End If
End If
End If
'
' Now the drive letter is free, so map the drive
'
oNetwork.MapNetworkDrive UCase(sDrive), sNewShare, bPersistentMappings
End Sub
Sub BuildMappedDrivesDictionary()
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
Set oRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
oRegistry.EnumKey HKEY_CURRENT_USER, "Network\", aSubKeys
For Each oSubKey In aSubKeys
sTempPath = oShell.RegRead("HKCU\Network\" & oSubKey & "\RemotePath")
If Not dMappedDrives.Exists(sTempPath) Then dMappedDrives.Add sTempPath, UCase(oSubKey & ":")
dMappedDrives.Add UCase(oSubKey & ":"), sTempPath
Next
Set oRegistry = Nothing
End Sub
ASKER
KenMCF, I love this idea and didn't even know it was present in 2008 R2! I did try a small experiment this morning but the drive didn't map thought policy was applied. Its on an XP client so I'm assuming this is because of the client side extensions...can you describe exactly what that is? Would I need to run an installer of some kind on every XP client I have to make this work?
The CSE is a seperate download for XP computers. Here is the link to download and install
http://www.microsoft.com/downloads/en/details.aspx?familyid=E60B5C8F-D7DC-4B27-A261-247CE3F6C4F8&displaylang=en
http://www.microsoft.com/downloads/en/details.aspx?familyid=E60B5C8F-D7DC-4B27-A261-247CE3F6C4F8&displaylang=en
Have you looked at Kix for scripting.
www.kixtart.org
It has stuff such as If InGroup("somegroup") then use x: \\server\share endif
etc...
Plus, there is a lot of user support on the forums there.