Solved

Login Script to map drives based on group membership

Posted on 2014-01-14
11
5,938 Views
Last Modified: 2014-01-27
I'm looking to map drives based upon group memberships.  I had a scr file I was using at a previous work place to accomplish this.  I would just copy and paste a previous entry and update the group name and unc path to the share.  Would someone have a sample file they could post to me that I could just edit the group name and unc path to fit my network?
0
Comment
Question by:bsjj2727
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
What OS are you running on the desktop/server.  The reason I ask is because you can use group policy preferences to do this an eliminate the need for the login scripts.  More on that here

https://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx

Thanks

Mike
0
 

Author Comment

by:bsjj2727
Comment Utility
I'm running Server 2008 and have a mix of Windows 7 and Windows XP desktops
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
ok then you can use GPP, the XP boxes will need the client side extensions

http://www.microsoft.com/en-us/download/details.aspx?id=3628

small reminder...xp support ends in 85 days.  You have time but not much.

Thanks


Mike
0
 

Author Comment

by:bsjj2727
Comment Utility
Thanks for the help, but I would also like to try to script this so I don't have to go around installing this on my XP desktops when I'm in the process of removing them over the next 30 days.
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
ok I won't have time to write and test the script against XP machines in a domain.   Another expert will hopefully pick that up.

Thanks

Mike
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:bsjj2727
Comment Utility
Thanks for the time Mike
0
 
LVL 5

Expert Comment

by:Jullez
Comment Utility
Are you looking for a .bat like this?

use "*" /DELETE
 if ingroup("Domain Users")
 use x: "\\server_name\share_name"
 endif


Or

Map drive if user is *not* a member of a certain group (in this case, "Students"):

 If InGroup("Students") = 0
   Use R: "\\server\records"
EndIf


Using Select...EndSelect (stops processing on the first true Case) Select

   Case InGroup("Students")
      Use S: "\\server\student_storage"
   Case InGroup("Office")
      Use O: "\\server\office_docs"
      Use R: "\\server\records"
   Case InGroup("Teachers")
      Use O: "\\server\office_docs"
      Use S: "\\server\student_storage"
      Use T: "\\server\teaching_materials"
EndSelect

Using Boolean operators: If InGroup("Teachers") Or InGroup("Office") Or InGroup("PTA")
   Use G: "\\server\Grownup_Files"
EndIf

If InGroup("2013 Class") And InGroup("Honors")
   Use S: "\\server\smart_kids"
EndIf
0
 

Author Comment

by:bsjj2727
Comment Utility
I have roughly 10 network shares and right now the current login script maps all drives even of the user doesn't have access, if the user tries to access a drive they don't hVe access too they'll get an access denied.  I want the login script to only map drives that the user has access too I'm in the process now of changing the security in all the shares based off of groups. So I figure the script will look and see of the user is in HR for example it will map the hr share, also all shares will have different letters also
0
 
LVL 5

Accepted Solution

by:
Jullez earned 500 total points
Comment Utility
For the above example:
1.Get KiXtart
2.Put WKIX32.EXE in both the domain controller's NETLOGON share and %SystemRoot% of each machine.

You can also use a vbscript:

This script checks for finance, accounting, and IT group membership, then maps the corresponding R:, S:, or T: drive.

 Set objNetwork = CreateObject("WScript.Network")
 Set objUser = CreateObject("ADSystemInfo")
 Set objCurrentUser = GetObject("LDAP://" & objUser.UserName)
 strGroup = LCase(Join(objCurrentUser.MemberOf))

 If InStr(strGroup, lcase("Finance")) Then
 objNetwork.MapNetworkDrive "R:", "\\server\shared\finance"
 End If

 If InStr(strGroup, lcase("Accounting")) Then
 objNetwork.MapNetworkDrive "S:", "\\server\shared\accounting"
 End If

 If InStr(strGroup, lcase("IT")) Then
 objNetwork.MapNetworkDrive "T:", "\\server\shared\IT"
 End If

 You can add additional mapped drives by adding more If-Then statements.

Create vbscript, save in NETLOGON, add to your test gpo under User Configuration | Policies | Windows Settings | Scripts (Logon/Logoff) | Logon section .

Don't forget to apply the GPO on the OU you are testing and run GPupdate on the server.
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
To solve it, one can download and use ifmember.exe from Microsoft.
0
 
LVL 43

Expert Comment

by:Steve Knight
Comment Utility
Aside from the fact I would use Group Policy preferences for mapping drives going forward if you want a slightly fancier script that will run on XP and VBS I have one here that gives an Internet Explorer page to give status as it goes along:

http://scripts.dragon-it.co.uk/links/vbscript-login-script

Otherwise use GPP for your Windows 7 machines and keep your XP ones in a different OU or OU structure and assign them the current batch script, or use VBScript or ifmember.exe like has been suggested until they have all gone.

Steve
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now