Solved

Login Script to map drives based on group membership

Posted on 2014-01-14
11
7,199 Views
Last Modified: 2014-01-27
I'm looking to map drives based upon group memberships.  I had a scr file I was using at a previous work place to accomplish this.  I would just copy and paste a previous entry and update the group name and unc path to the share.  Would someone have a sample file they could post to me that I could just edit the group name and unc path to fit my network?
0
Comment
Question by:bsjj2727
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39781222
What OS are you running on the desktop/server.  The reason I ask is because you can use group policy preferences to do this an eliminate the need for the login scripts.  More on that here

https://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx

Thanks

Mike
0
 

Author Comment

by:bsjj2727
ID: 39781225
I'm running Server 2008 and have a mix of Windows 7 and Windows XP desktops
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39781230
ok then you can use GPP, the XP boxes will need the client side extensions

http://www.microsoft.com/en-us/download/details.aspx?id=3628

small reminder...xp support ends in 85 days.  You have time but not much.

Thanks


Mike
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:bsjj2727
ID: 39781239
Thanks for the help, but I would also like to try to script this so I don't have to go around installing this on my XP desktops when I'm in the process of removing them over the next 30 days.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39781241
ok I won't have time to write and test the script against XP machines in a domain.   Another expert will hopefully pick that up.

Thanks

Mike
0
 

Author Comment

by:bsjj2727
ID: 39781244
Thanks for the time Mike
0
 
LVL 5

Expert Comment

by:Jullez
ID: 39781304
Are you looking for a .bat like this?

use "*" /DELETE
 if ingroup("Domain Users")
 use x: "\\server_name\share_name"
 endif


Or

Map drive if user is *not* a member of a certain group (in this case, "Students"):

 If InGroup("Students") = 0
   Use R: "\\server\records"
EndIf


Using Select...EndSelect (stops processing on the first true Case) Select

   Case InGroup("Students")
      Use S: "\\server\student_storage"
   Case InGroup("Office")
      Use O: "\\server\office_docs"
      Use R: "\\server\records"
   Case InGroup("Teachers")
      Use O: "\\server\office_docs"
      Use S: "\\server\student_storage"
      Use T: "\\server\teaching_materials"
EndSelect

Using Boolean operators: If InGroup("Teachers") Or InGroup("Office") Or InGroup("PTA")
   Use G: "\\server\Grownup_Files"
EndIf

If InGroup("2013 Class") And InGroup("Honors")
   Use S: "\\server\smart_kids"
EndIf
0
 

Author Comment

by:bsjj2727
ID: 39781310
I have roughly 10 network shares and right now the current login script maps all drives even of the user doesn't have access, if the user tries to access a drive they don't hVe access too they'll get an access denied.  I want the login script to only map drives that the user has access too I'm in the process now of changing the security in all the shares based off of groups. So I figure the script will look and see of the user is in HR for example it will map the hr share, also all shares will have different letters also
0
 
LVL 5

Accepted Solution

by:
Jullez earned 500 total points
ID: 39781356
For the above example:
1.Get KiXtart
2.Put WKIX32.EXE in both the domain controller's NETLOGON share and %SystemRoot% of each machine.

You can also use a vbscript:

This script checks for finance, accounting, and IT group membership, then maps the corresponding R:, S:, or T: drive.

 Set objNetwork = CreateObject("WScript.Network")
 Set objUser = CreateObject("ADSystemInfo")
 Set objCurrentUser = GetObject("LDAP://" & objUser.UserName)
 strGroup = LCase(Join(objCurrentUser.MemberOf))

 If InStr(strGroup, lcase("Finance")) Then
 objNetwork.MapNetworkDrive "R:", "\\server\shared\finance"
 End If

 If InStr(strGroup, lcase("Accounting")) Then
 objNetwork.MapNetworkDrive "S:", "\\server\shared\accounting"
 End If

 If InStr(strGroup, lcase("IT")) Then
 objNetwork.MapNetworkDrive "T:", "\\server\shared\IT"
 End If

 You can add additional mapped drives by adding more If-Then statements.

Create vbscript, save in NETLOGON, add to your test gpo under User Configuration | Policies | Windows Settings | Scripts (Logon/Logoff) | Logon section .

Don't forget to apply the GPO on the OU you are testing and run GPupdate on the server.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 39783901
To solve it, one can download and use ifmember.exe from Microsoft.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 39783951
Aside from the fact I would use Group Policy preferences for mapping drives going forward if you want a slightly fancier script that will run on XP and VBS I have one here that gives an Internet Explorer page to give status as it goes along:

http://scripts.dragon-it.co.uk/links/vbscript-login-script

Otherwise use GPP for your Windows 7 machines and keep your XP ones in a different OU or OU structure and assign them the current batch script, or use VBScript or ifmember.exe like has been suggested until they have all gone.

Steve
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question