[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Consolidating Logon Scripts

Posted on 2011-05-03
9
Medium Priority
?
664 Views
Last Modified: 2012-05-11
I've recently been tasked with reorganizing my company's group policies and one of the things I'd like to do is consolidate the 6 different GPOs which are used to map network drives for 6 different departments into one logon script.  Basically I'd like to say in the script that if they are a member of a particular group then they get a particular drive mapped.  I'm not well versed with VBS but can do a basic batch file with the net use command.  I'd appreciate any advice for syntax to make this work, thanks!
0
Comment
Question by:First Last
  • 2
  • 2
  • 2
  • +3
9 Comments
 
LVL 22

Expert Comment

by:chakko
ID: 35513427

Have you looked at Kix for scripting.

www.kixtart.org

It has stuff such as If InGroup("somegroup") then  use x: \\server\share   endif

etc...

Plus, there is a lot of user support on the forums there.

0
 
LVL 1

Author Comment

by:First Last
ID: 35513470
That looks like a 3rd party tool which sounds like it would be pretty cool but I'd prefer to keep it simple and use the operating system's built in ability to do this.  Thank you for the link though, it looks very interesting!
0
 
LVL 27

Accepted Solution

by:
KenMcF earned 1600 total points
ID: 35513776
Since you have windows 2088 why not use group policy preferences with item level targeting to map your drives. If you have WinXP clients remember to install the client side extensions to be able to use the GPP.

http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 6

Assisted Solution

by:LHT_ST
LHT_ST earned 400 total points
ID: 35513796
you could use ifmember.exe

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=07c2f6d7-815e-4fa0-9043-4e4635ccd417

syntax would be something like

%directory of ifmember%\IFMEMBER %groupname%
if %errorlevel%==0 GOTO End
net use %drive letter% /d
net use %drive letter%  \\share to map
:end

create 6 groups and add the users into the groups for each drive mapping then set up the script to map the drives needed for each group and run it.
0
 
LVL 6

Expert Comment

by:LHT_ST
ID: 35513804
sorry just noticed your preference on using built in tools!
0
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 35513906
You can find many example of VB Scripts that will map network drives based on group membership with a google search, you can just have the one script then.

0
 
LVL 8

Expert Comment

by:spinzr0
ID: 35575229
Here is some code I have used for some previous logon scripts.
Const ADS_NAME_TYPE_1779                =  1
Const ADS_NAME_TYPE_NT4                 =  3
Const ADS_NAME_INITTYPE_DOMAIN          =  1
sDomain = Replace(Replace(UCase(GetObject("LDAP://rootDSE").Get("defaultNamingContext")), "DC=", ""), ",", "")

Set oWShell = CreateObject("WScript.Shell")
Set oNetwork = CreateObject( "WScript.Network")
Set oTranslate = CreateObject("NameTranslate")

bForceDisconnect = True        ' True/False - Force disconnect of existing drive mappings before mapping new drives
bPersistentMappings = True      ' True/False - Drive mappings will remain at next logon, even if not connected to network

Do While oNetwork.UserName = ""
    WScript.Sleep 250
Loop
sUserName = oNetwork.UserName

oTranslate.Init ADS_NAME_INITTYPE_DOMAIN, sDomain
oTranslate.Set ADS_NAME_TYPE_NT4, sDomain & "\" & sUserName
Set oADUser = GetObject("LDAP://" & oTranslate.Get(ADS_NAME_TYPE_1779))

Set oGroupMembership = CreateObject("Scripting.Dictionary")
oGroupMembership.CompareMode = vbTextCompare
For Each oGroup In oADUser.Groups
    RecurseGroup(oGroup.ADsPath)
Next

Set dMappedDrives = CreateObject("Scripting.Dictionary")
dMappedDrives.CompareMode = vbTextCompare
Call BuildMappedDrivesDictionary()

If CheckGroup("My Test Group") Then _
    MapDrive "Z:", "\\myserver\myfolder"

Function CheckGroup(sGroup)
    On Error Resume Next
    CheckGroup = oGroupMembership.Exists(sGroup)
End Function

Function RecurseGroup(sADsPath)
    On Error Resume Next

    Set oRGroup = GetObject(sADsPath)
    oGroupMembership.Add Replace(oRGroup.Name,"CN=",""), True
    oRGroup.GetInfo
    Err.Clear
    cMemberOf = oRGroup.GetEx("memberOf")
    If Err.Number <> 0 Then Exit Function
    For Each sMemberOf In cMemberOf
        RecurseGroup("LDAP://" & sMemberOf)
    Next
End Function

Sub MapDrive(sDrive, sNewShare)
    On Error Resume Next
    '
    ' Check to see if the path is already mapped to the requested location
    '
    If dMappedDrives.Exists(sNewShare) Then
         If dMappedDrives.Item(sNewShare) = UCase(sDrive) Then
             Exit Sub
         Else
             If bForceDisconnect = True Then
                 oNetwork.RemoveNetworkDrive dMappedDrives.Item(sNewShare), True, True
                 dMappedDrives.Remove(dMappedDrives.Item(sNewShare))
                 dMappedDrives.Remove(sNewShare)
             End If
             Err.Clear
         End If
    End If
    '
    ' Loop through drives to check if there is an existing mapping
    '
    If dMappedDrives.Exists(UCase(sDrive)) Then
        If UCase(dMappedDrives.Item(sDrive)) = UCase(sNewShare) Then
            Exit Sub
        Else
            If bForceDisconnect = True Then
                Err.Clear
                oNetwork.RemoveNetworkDrive sDrive, True, True
                If Err.Number <> 0 Then Exit Sub
                dMappedDrives.Remove(dMappedDrives.Item(sDrive))
                dMappedDrives.Remove(sDrive)
            Else
                Exit Sub
            End If
        End If
    End If
    '
    ' Now the drive letter is free, so map the drive
    '
    oNetwork.MapNetworkDrive UCase(sDrive), sNewShare, bPersistentMappings
End Sub

Sub BuildMappedDrivesDictionary()
    On Error Resume Next
    Const HKEY_CURRENT_USER = &H80000001
    Set oRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
 
    oRegistry.EnumKey HKEY_CURRENT_USER, "Network\", aSubKeys
 
    For Each oSubKey In aSubKeys
        sTempPath = oShell.RegRead("HKCU\Network\" & oSubKey & "\RemotePath")
        If Not dMappedDrives.Exists(sTempPath) Then dMappedDrives.Add sTempPath, UCase(oSubKey & ":")
        dMappedDrives.Add UCase(oSubKey & ":"), sTempPath
    Next
    Set oRegistry = Nothing
End Sub

Open in new window

0
 
LVL 1

Author Comment

by:First Last
ID: 35691372
KenMCF, I love this idea and didn't even know it was present in 2008 R2!  I did try a small experiment this morning but the drive didn't map thought policy was applied.  Its on an XP client so I'm assuming this is because of the client side extensions...can you describe exactly what that is?  Would I need to run an installer of some kind on every XP client I have to make this work?
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 35691522
The CSE is a seperate download for XP computers. Here is the link to download and install

http://www.microsoft.com/downloads/en/details.aspx?familyid=E60B5C8F-D7DC-4B27-A261-247CE3F6C4F8&displaylang=en
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question