VB Script for active directory logon

Hi all,

I am going to deploy a new AD under windows 2008 to run at logon.  I am seeking a sample script that allows the following functionality:

1. Check if home user directory exists, if it does not, create and set permissions to the user
2. check to see if any drive mappings exist, if they do remove all of them
3. check what groups the user is a member and map drives and printers accordingly
4. if user is a member of VDI group, redirect my documents, desktop, etc to user home directory (i.e. \\myshare\users\%username%\VDI\).
5. check to see that outlook has a default profile if it does not make one and set it (outlook 2007-2010)


I would prefer to do this in VB, I know Windows 2008 has some limited functionality to do some of this but we still have a large number of windows xp systems on the network that can not be upgraded any time soon.

If you need any other questions please ask :)

Thanks!
LVL 1
smyers051972Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dinsjCommented:
Use powershell it will make your life easier and its backwards compatible so you will be able to use it for your xp pcs.
smyers051972Author Commented:
I think I would rather do it VB because its going to be a big pain to introduce something new and have to test it and get it approved for use.
smyers051972Author Commented:
?
Defend Against the Q2 Top Security Threats

Were you aware that overall malware worldwide was down a surprising 42% from Q1'18? Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that analyzes the top threat trends impacting companies worldwide. Learn more by viewing our on-demand webinar today!

Bob StoneIT GuruCommented:
Dinsj hit the nail on the head. You can do all that stuff easily in Powershell, it isn't new either, it came out in NT4. With a little bit of searching you can find pretty much any plug-n-play type script for it. Ver 3 in Server 2008 is the easiest one yet.
dinsjCommented:
powershell is backwards compatible also, so you can save a powershell script with a vbs extension and it will run, if you worried about change control etc
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
powershell is backwards compatible also, so you can save a powershell script with a vbs extension and it will run
Sorry, dinsj, but that is nonsense. A PowerShell script is a PowerShell script, and never can run as VB Script without modification. And "backwards compatible" is not correct, as you cannot use PS2 features with PS1, of course.

Stone, I don't think you are correct with NT4, and PS being of current version 3. We are with PS2, officially, and PS3 is in the works. What we understand as PowerShell now has been introduced later with XP (as an add-on option), and included with Vista and above.

Nevertheless, the point is indeed that PS scripts run on XP, if you install PowerShell (which comes with Windows Update as an option, btw). VBS will refuse to die for the next few years, so there is no reason to not use it.
Bob StoneIT GuruCommented:
It was called Windows Script Host back in the days of Win 95/98/NT, a precursor to Powershell.

The preview version of Powershell 3.0 was released in December.
dinsjCommented:
Qlemo as long as you set the execution policy this can be done
Bob StoneIT GuruCommented:
I am not trying to be contrary or anything. It just sounds like he is trying to re-invent the wheel here is all.
smyers051972Author Commented:
Again I would rather get an example or set of examples to work on in VBS :)
markdmacCommented:
My login script faq has much of what you are looking for.
Http://www.tek-tips.com/faqs.cfm?fid=5798

Also look at my blog for the code to set the permissions on the folders:
Http://www.thespidersparlor.com/technicalblog/?p=9

Also you are correct about PowerShell.  In order for a PowerShell script to execute locally, PowerShell must be installed on the PC.  A PowerShell script that makes remote calls to a Pc can do so using WMI which has been around forcsome time, but that will not help you in this case.

PowerShell was first introduced with Windows 7 and was back ported for XP and Vista where you can manually install it.
pwindellCommented:
I don't understand why anyone wants to "reinvent the wheel" with a "script".  Everything he wants to do is already a normal part of User Account Properties,....Roaming Profiles,...Folder Redirection,...and Offline Files,...and probably a few other functions in the OS.   Just use the correct combination of those things and be done with it and forget about stupid "scripts" for everything.  I've been doing this stuff since most of todays Admins were in grade school and have done it without having to write Scripts to do things that are already built into the OS in the first place if you just use it properly.
markdmacCommented:
Pwindell, I have been "doing this stuff" for 17 years and find your comments to be offensive.As someone who taught VBScript as a Microsoft employee I can say there is nothing "stupid" about scripting.   There are reasons to do what the OP is requesting, so if you disagree then post viable alternatives without denegration.
pwindellCommented:
Then you get offended too easy.  Scripting is not stupid "globally".  I have written a few VBScripts used in ASP Classic in a few of our Web Apps.  But needless scripting,...is exactly that,..needless.  When the OS already has functionality to do that job all scripting does is make things more complicated and cause there to have to be more documentation to cover it.  I actually think that way too many Admins do it for job security,...so they are the only ones who know how it works.  Then of course they eventually leave and go to a new job and anyone coming in after them has a mess on their hands to figure out how things were done.

so if you disagree then post viable alternatives without denegration.

I did exactly that.  It was only your personal interpretation of what I wrote that considered it degenerative.   If you've been doing this 17 years then that is enough time to learn to not be so thin skinned.
markdmacCommented:
I will agree to disagree.  I personally don't like folder redirection policies.  They don't work well with laptop users and create problems with registry tattooing when you later want to move to new servers.  Scripting provides a central point of administration that when documented properly is easier to maintain.

GPP is certainly a good way to go to eliminate a lot of the OPs needs, however getting CSE to install on legacy systems is often problematic.  As the request for help was for a VB solution I think it appropriate to offer the requested advice without declaring the requested solution as stupid.
smyers051972Author Commented:
Just to inform you the folder redirection policy would only be for a group, not globally, this is for VDI desktops so they would not be mobile in that sense.

As for everything that is located in the users profile, its not complete as I would like it and I would rather do it the way I am used to doing it, considering that some of the VDI desktops are Windows XP, server 2008 can't fully manage those areas.  

In my opinion at least I would just rather stick to VBS, its easier for me to manage as well.
smyers051972Author Commented:
@markdmac

The first link looks really good and I think I will use part of that, the second one about the permissions I am not sure will do it though, what it needs to do is:

1. at login, check to see if their home folder exists for example: \\server\users\%username%
2. if it does not, create it
3. if it was created, assign permissions to that folder giving them full rights to it

I am not sure if this piece is viable or not, it might take a script to run on a server as an admin, every hour or so to compare users in AD then check to see if the home folders exist and do the above if they do not.

I realize the second option might be taxing on a server but I have a lot of resources to work with on that particular system.
markdmacCommented:
Tied up at work but will reply later with sample code for you.
smyers051972Author Commented:
No problem, thanks for the reply :)
smyers051972Author Commented:
Any follow ups? :)
David Johnson, CD, MVPOwnerCommented:
I am going to deploy a new AD under windows 2008 to run at logon.  I am seeking a sample script that allows the following functionality:

1. Check if home user directory exists, if it does not, create and set permissions to the user



2. check to see if any drive mappings exist, if they do remove all of them
3. check what groups the user is a member and map drives and printers accordingly


2 sources: http://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_24495343.html
http://thisishelpful.com/powershell-login-script-map-network-drives-printers-applicaton-settings.html


4. if user is a member of VDI group, redirect my documents, desktop, etc to user home directory (i.e. \\myshare\users\%username%\VDI\).


group policy already has this


5. check to see that outlook has a default profile if it does not make one and set it (outlook 2007-2010)

see http://www.howto-outlook.com/howto/deployprf.htm
smyers051972Author Commented:
Closing this question, neglected for months.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
smyers051972Author Commented:
Neglected
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.