Windows 2003 Server w/AD, custom login.bat file.
I'm wanting to put together a login.bat file that applies If/Then to Groups, to include or exclude mappings. Not overly complex environment, just would like to control un-needed mappings.
Unless there is a better way to achieve this.
We're migrating to 2012 too, so will these changes adapt?
Unless there is a better way to achieve this.
We're migrating to 2012 too, so will these changes adapt?
R. Toby Richards
I have found that if my OU's are properly organized, then I just apply logon scripts for mapped drive on a per OU basis. If you want to look at groups, then you're going to need to use Visual Basic Script or Power Shell.
I wrote a VB Login script a while ago that can accomplish what you are after:
-saige-
' Company Login script
' Author: Richard Fouts
' Date: 17-02-2006
Option Explicit ' Force Explicit Declarations
'//////////// DO NOT MODIFY BELOW ////////////
' Declare variables
' Object variables
Dim objFSO ' File System Object
Dim objNetwork ' Network Object
Dim objShell ' Shell Object
Dim objSysInfo ' System Information Object
Dim objComputer ' Computer Object
Dim objGroupList ' Group List Object
Dim objUser ' User Object
Dim objIExplore ' Internet Explorer Object
' String variables
Dim strGroup ' Group String
Dim strComputerDN ' Computer String
Dim strUserDN ' User String
' Array Variables
Dim mDrive(100) ' Array of Drive parameters
' Dim objNoRun(100) ' Array of objects that will not run the script
' Dim objNoPRN(100) ' Array of objects that will not have printers installed on them
Dim mMailInf(100) ' Array used for the SendMail function
Dim mPrn(100) ' Array of Printer parameters
Dim mRegInf(100) ' Array used for the AddReg function
' IE variables
Dim IEWdth ' Width of IE Window
Dim IEHght ' Height of IE Window
Dim IEVisible ' IE Window visible or not
Dim IETime ' Time IE Windows stays visible after login script completes
Dim IETitle ' Title of IE Window
Dim IECoName ' Company Name
' Option variables
Dim optionDrv ' Drive options variable
Dim optionPrn ' Printer options variable
Dim optionReg ' Registry options variable
Dim optionMail ' Mail options variable
' Miscellaneous variables
Dim rmoveDrvs ' Remove drive mappings switch
Dim rmovePrns ' Remove printer connections switch
Dim Drives ' Drives mapped currently
Dim Prns ' Printer currently connected
Dim StartTime ' Script Activation Time
Dim varIdx ' Index Counting
Dim objNoRunIdx ' Index Counting for No Run Objects
Dim objNoPRNIdx ' Index Counting for No Printer Objects
Dim AREnabled ' Switch variable for AddReg Function
Dim SMEnabled ' Switch variable for SendMail Function
' Drive mapping and printer connection options
On Error Resume Next
' Set objShell to Wscript.Shell
Set objShell = CreateObject("Wscript.Shell")
' Set nUser variable to WScript.Network
'Set nUser = WScript.CreateObject("Wscript.Network")
' Set objFSO variable to Scripting File System
Set objFSO = CreateObject("Scripting.FileSystemObject")
' Set objNetwork variable to WScript.Network
Set objNetwork = CreateObject("WScript.Network")
' Set objSysInfo variable to ADSystemInfo
Set objSysInfo = CreateObject("ADSystemInfo")
' Set strUserDN to Domain Username
strUserDN = objSysInfo.userName
' Set strComputerDN to Domain Computername
strComputerDN = objSysInfo.computerName
' Bind to the user and computer objects with the LDAP provider.
Set objUser = GetObject("LDAP://" & strUserDN)
Set objComputer = GetObject("LDAP://" & strComputerDN)
' Whie objNetwork.UserName is NULL, sleep for 250 seconds and loop
'Do while objNetwork.UserName = ""
' WScript.Sleep 250
'Loop
'//////////// DO NOT MODIFY ABOVE ////////////
'\\\\\\\\\\\\ MODIFY THIS SECTION BELOW \\\\\\\\\\\\
' Should the script remove current drive mappings (TRUE/FALSE)
rmoveDrvs = TRUE
' Should the script remove current printer connections (TRUE/FALSE)
rmovePrns = FALSE
' Default drive mappings
' mDrive(x) is the array location
' value after must one of the following masks:
'
' D,,X:,\\servername\sharename,persistency
' U,Username,X:,\\servername\sharename,persistency
' G,Groupname,X:,\\servername\sharename,persistency
'
' Where:
'
' D, U, G denote the mapping type:
' D = Default drive mapping
' U = User specific drive mapping
' G = Group specific drive mapping
' Username and Groupname are the name of the user or group
' X is the drive letter with a colon preceeding
' servername is the name of the server
' sharename is the name of the share or path
' persistency is the whether you want a persistent connection or not (TRUE/FALSE)
'
' Note: There should be no spaces between the drive and the colon
' There should be no spaces between the colon and the comma
' There should be no spaces between the comma and the first backslash
' All other dos rules apply
'mDrive(0) = "D,,G:,\\servername\sharename,TRUE"
'mDrive(1) = "D,,H:,\\servername\users\" & objNetwork.UserName & ",TRUE"
'mDrive(2) = "U,John,I:,\\servername\sharename,TRUE"
'mDrive(3) = "G,Groupname,J:,\\servername\sharename,TRUE"
' Default printer connections
' mPrn(x) is the array location
' value after must one of the following masks:
'
' D,\\servername\printersharename
' U,Username,\\servername\printersharename
' C,Computername,\\servername\printersharename
' G,Groupname,\\servername\printersharename
'
' Where:
'
' D, U, G denote the connection type:
' D = Default printer connection
' U = User specific printer connection
' C = Computer specific printer connection
' G = Group specific printer connection
' Username and Groupname are the name of the user or group
' servername is the name of the server
' printersharename is the name of the printer
'
' Note: There should be no spaces between the comma and the first backslash
' All other dos rules apply
'mPrn(0) = "D,,\\servername\printersharename"
'mPrn(1) = "U,John,\\servername\printersharename"
'mPrn(2) = "C,COMPUTER1,\\servername\printersharename"
'mPrn(3) = "G,Groupname,\\servername\printersharename"
' Width (in pixels) of IE Window
IEWdth = "350"
' Height (in pixels) of IE Window
IEHght = "650"
' IE Window visible or not
' Valid values are True or False
IEVisible = "True"
' Time (in seconds) IE Windows stays visible after login script completes
IETime = "4000"
' Title of IE Window
IETitle = "Your Company, Inc. Login Script"
' Company Name
IECoName = "Your Company, INC."
'\\\\\\\\\\\\ MODIFY THIS SECTION ABOVE \\\\\\\\\\\\
'//////////// ADVANCED MODIFICATIONS ////////////
' Do not run script on the following devices
' objNoRun is used to tell the login script not to run on a/the specific device(s).
' objNoRun is formatted using the complete LDAP address of the device(s).
' objNoRun = "CN=SERVER1,OU=Domain Controllers,DC=yourdomain,DC=local"
' objNoRun = "CN=COMPUTER1,OU=Computers,DC=yourdomain,DC=local"
' objNoRun = "CN=DEVICENAME,OU=GROUPNAME,DC=DOMAIN"
' Do not run script on the following devices
' objNoPRN is used to tell the login script not to add printer connections to a/the specific device(s).
' objNoPRN is formatted using the complete LDAP address of the device(s).
' objNoPRN = "CN=SERVER1,OU=Domain Controllers,DC=yourdomain,DC=local"
' objNoPRN = "CN=COMPUTER1,OU=Computers,DC=yourdomain,DC=local"
' objNoPRN = "CN=DEVICENAME,OU=GROUPNAME,DC=DOMAIN"
' AddReg Enabled (TRUE/FALSE)
AREnabled = FALSE
' SendMail Enabled (TRUE/FALSE)
SMEnabled = FALSE
' What is the registry key path
'mRegInf(0) = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon,LegalNoticeCaption,My Company Confidentiality Agreenment"
'mRegInf(1) = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon,LegalNoticeText,The information contained on this computer " & _
' "is proprietary to the Company and as such, is confidential and protected under the provisions within " & _
' "the security regulations pertaining to the electronic storage, transmission and release of patient information." & vbCrlf & vbCrlf & _
' "By accessing this computer system, you acknowledge the confidentiality of this information and agree to protect " & _
' "the electronic storage, transmission and release of patient information as outlined within the security regulations."
' Send mail to
'mMailInf(0) = "mymail@company.com,secondmail@company.com,Computer updated,A computer has been updated with the LegalCaptionNotice and LegalCaptionText."
'\\\\\\\\\\\\ ADVANCED MODIFICATIONS \\\\\\\\\\\\
'//////////// DO NOT MODIFY BELOW ////////////
' Start of Login Script
' Set objIExplore varable to Internet Explorer Application
Set objIExplore = WScript.CreateObject("InternetExplorer.Application","event_")
' Set Drives variable to enumeration of network drives
Set Drives = objNetwork.EnumNetworkDrives
' Set Prns variable to enumeration of printers
Set Prns = objNetwork.EnumPrinterConnections
' Open blank Internet Explorer window
objIExplore.Navigate "about:Blank"
' Set window width to defined width in px
objIExplore.Width = IEWdth
' Set window height to defined height in px
objIExplore.Height = IEHght
' Set window with no toolbar
objIExplore.Toolbar = False
' Set window with no status bar
objIExplore.StatusBar = False
' Set window to visible
objIExplore.Visible = True
' Set window to non-resizable
objIExplore.Resizable = False
' Set window at 10px from top of screen
objIExplore.Top = 10
' Set window at 10px from left edge of screen
objIExplore.Left = 10
' Set window to visible
objIExplore.Visible = IEVisible
' Set StartTime variable to Now (current time)
StartTime = Now
' Set Get access to UserObj Active Directory object
'Set UserObj = GetObject("WinNT://" & objNetwork.UserDomain & _
' "/" & objNetwork.UserName)
' Set UserName variable to User
'UserName = "User"
' While objIExplore window is not ready, sleep for 250 seconds and loop
Do While Not objIExplore.ReadyState = 4
WScript.Sleep 250
Loop
' Set window title to company name
objIExplore.Document.Title = IETitle
' Set window font to Verdana
objIExplore.Document.Body.Style.FontFamily = "Verdana"
' Set fontsize to 10pt
objIExplore.Document.Body.Style.FontSize = "10"
' Inside window, write the company name
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"<U Style='Color:DarkRed'>" & IECoName & "</U><BR>"
' Inside window, write the domain name
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"<U Style='Color:DarkBlue'>" & objNetwork.UserDomain & "</U><BR><BR>"
' Inside window, write the user name
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Running for " & objNetwork.UserName & "<BR>@" & Now & "<BR>@"& _
objNetwork.UserDomain & "<BR><BR>"
' Inside window, write the strGroup information
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
strGroup
' Inside window, welcome the user to the domain
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Welcome " & objNetwork.UserName & " to the " & objNetwork.UserDomain & _
" domain." & "<BR><BR>"
' Inside windows, write mapping drives
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"<I>Mapping drives:</I><BR>"
' Set ObjGroupDict to return from CreateMemberOfObject function
'Set ObjGroupDict = CreateMemberOfObject(nUser.UserDomain, nUser.UserName)
' If statement to remove current drive and printer connections
If rmoveDrvs = TRUE Then
' For loop to work with enumerated network drives
For varIdx = 0 To Drives.Count -1 Step 2
' Remove network drive mapping
objNetwork.RemoveNetworkDrive Drives.Item(varIdx), true
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Removed " & Drives.Item(varIdx) & "<BR>"
' Call DeleteDriveMapping function to remove persistent connection
DeleteDriveMapping(Drives.Item(varIdx))
' Next iteration in for-loop
Next
End If
If rmovePrns = TRUE Then
' For loop to work with enumerated printer connections
For varIdx = 0 To Prns.Count -1 Step 2
' Remove network drive mapping
objNetwork.RemovePrinterConnection Prns.Item(varIdx), TRUE, TRUE
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Removed " & Prns.Item(varIdx) & "<BR>"
' Next iteration in for-loop
Next
End If
' Inside window, print applying exact mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Applying Exact mapping...<BR>"
' Beggining of drive mappings
' Inside window, print general drive mappings
' Inside window, print advanced drive mappings
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"<BR>Drive mappings for " & objNetwork.UserName & "...<BR>"
' Username driven mappings
For varIdx = LBound(mDrive) To UBound(mDrive)
optionDrv = Split(mDrive(varIdx),",")
' Switch statement
Select Case UCase(optionDrv(0))
' Default Case
Case "D"
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "If " & objNetwork.UserName & " is " & optionDrv(1) & _
' " then attempting to connect " & optionDrv(2) & " to " & _
' optionDrv(3) & " The mapping will be persitant: " & optionDrv(4)
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Connecting " & optionDrv(2) & " to " & optionDrv(3) & "... "
If Not MapDrive(optionDrv(2), optionDrv(3), optionDrv(4)) Then
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"NOT CONNECTED!!!<BR>"
Else
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"CONNECTED!!!<BR>"
End If
' User Case
Case "U"
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "If " & objNetwork.UserName & " is " & optionDrv(1) & _
' " then attempting to connect " & optionDrv(2) & " to " & _
' optionDrv(3) & " The mapping will be persitant: " & optionDrv(4)
If UCase(objNetwork.UserName) = UCase(optionDrv(1)) Then
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Connecting " & optionDrv(2) & " to " & optionDrv(3) & "... "
If Not MapDrive(optionDrv(2), optionDrv(3), optionDrv(4)) Then
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"NOT CONNECTED!!!<BR>"
Else
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"CONNECTED!!!<BR>"
End If
End If
' Group Case
Case "G"
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "If " & objNetwork.UserName & " is a member of " & optionDrv(1) & _
' " then attempting to connect " & optionDrv(2) & " to " & _
' optionDrv(3) & " The mapping will be persitant: " & optionDrv(4)
If (IsMember(objUser, optionDrv(1)) = True) Then
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Connecting " & optionDrv(2) & " to " & optionDrv(3) & "... "
If Not MapDrive(optionDrv(2), optionDrv(3), optionDrv(4)) Then
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"NOT CONNECTED!!!<BR>"
Else
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"CONNECTED!!!<BR>"
End If
End If
' Error Case or case mismatch
Case Else
'Wscript.echo "Error in array: " & vbCrLf & " optionDrv(0) - " & optionDrv(0) & _
' vbCrLf & " optionDrv(1) - " & optionDrv(1) & vbCrLf & _
' " optionDrv(2) - " & optionDrv(2) & vbCrLf & " optionDrv(3) - " & optionDrv(3) & _
' vbCrlf & " optionDrv(4) - " & optionDrv(4)
End Select
' Next iteration of Drive Mappings Loop
Next
' End of drive mappings
' Beggining of printer connections
' Inside window, print general printer mappings
' Inside window, print advanced printer connections
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"<BR>Printer connections for " & objNetwork.UserName & "...<BR>"
' Username driven printer connections
For varIdx = LBound(mPrn) To UBound(mPrn)
optionPrn = Split(mPrn(varIdx),",")
' Switch statement
Select Case UCase(optionPrn(0))
' Default Case
Case "D"
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "If " & objNetwork.UserName & " is " & optionPrn(1) & _
' " then attempting to connect to printer " & optionPrn(2) & "using a persistant" & _
' " connection: " & optionPrn(3)
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Connecting to " & optionPrn(2) & "... "
If Not ConnPrn(optionPrn(2), optionPrn(3)) Then
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"NOT CONNECTED!!!<BR>"
Else
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"CONNECTED!!!<BR>"
End If
' User Case
Case "U"
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "If " & objNetwork.UserName & " is " & optionPrn(1) & _
' " then attempting to connect to printer " & optionPrn(2) & "using a persistant" & _
' " connection: " & optionPrn(3)
If UCase(objNetwork.UserName) = UCase(optionPrn(1)) Then
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Connecting to " & optionPrn(2) & "... "
If Not ConnPrn(optionPrn(2), optionPrn(3)) Then
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"NOT CONNECTED!!!<BR>"
Else
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"CONNECTED!!!<BR>"
End If
End If
' Computer Case
Case "C"
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "If " & objNetwork.ComputerName & " is " & optionPrn(1) & _
' " then attempting to connect to " & optionPrn(2) & "using a persistant" & _
' " connection: " & optionPrn(3)
If UCase(objNetwork.ComputerName) = UCase(optionPrn(1)) Then
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Connecting to " & optionPrn(2) & "... "
If Not ConnPrn(optionPrn(2), optionPrn(3)) Then
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"NOT CONNECTED!!!<BR>"
Else
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"CONNECTED!!!<BR>"
End If
End If
' Group Case
Case "G"
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "If " & objNetwork.UserName & " is a member of " & optionPrn(1) & _
' " then attempting to connect to " & optionPrn(2) & "using a persistant" & _
' " connection: " & optionPrn(3)
If (IsMember(objUser, optionPrn(1)) = True) Then
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Connecting to " & optionPrn(2) & "... "
If Not ConnPrn(optionPrn(2), optionPrn(3)) Then
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"NOT CONNECTED!!!<BR>"
Else
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"CONNECTED!!!<BR>"
End If
End If
If (IsMember(objComputer, optionPrn(1)) = True) Then
' Inside window, print results of removing drive mapping
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Connecting to " & optionPrn(2) & "... "
If Not ConnPrn(optionPrn(2), optionPrn(3)) Then
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"NOT CONNECTED!!!<BR>"
Else
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"CONNECTED!!!<BR>"
End If
End If
' Error Case or case mismatch
Case Else
'Wscript.echo "Error in array: " & vbCrLf & " optionPrn(0) - " & optionPrn(0) & _
' vbCrLf & " optionPrn(1) - " & optionPrn(1) & vbCrLf & _
' " optionPrn(2) - " & optionPrn(2)
End Select
' Next iteration of Printer Connections Loop
Next
' End of printer connections
' Beggining of registry modifications
' First check if registry modifications are requested
If AREnabled = TRUE Then
' Inside window, print advanced printer connections
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"<BR>Registry modifications for " & objNetwork.ComputerName & "..."
' Computername driven registry modifications
For varIdx = LBound(mRegInf) To UBound(mRegInf)
optionReg = Split(mRegInf(varIdx),",")
If AddReg(optionReg(0), optionReg(1), optionReg(2)) Then
End If
' Next iteration of Registry Modification Loop
Next
If SMEnabled = TRUE Then
For varIdx = LBound(mMailInf) To UBound(mMailInf)
optionMail = Split(mMailInf(varIdx),",")
If SendMail(optionMail(0), optionMail(1), optionMail(2), optionMail(3)) Then
End If
' Next iteration of Send Mail Loop
Next
End If
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"COMPLETED!!!<BR>"
End If
' End of registry modifications
' Inside window, print end
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"End<BR><BR>"
' Inside window, print time difference from start to finish
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"Loginscript took: " & DateDiff("s",StartTime,Now) & " second(s)..."
' Inside window, close out of writing
objIExplore.Document.Body.InnerHTML = objIExplore.Document.Body.InnerHTML & _
"</BODY></HTML>"
' Sleep for 4000 seconds
WScript.Sleep(IETime)
' Quite Internet Explorer
objIExplore.Quit
Function MemberOf(ObjDict, strKey)
' Given a Dictionary object containing groups to which the user
' is a member of and a group name, then returns True if the group
' is in the Dictionary else return False.
'
' Inputs:
' strDict - Input, Name of a Dictionary object
' strKey - Input, Value being searched for in
' the Dictionary object
' Sample Usage:
'
' If MemberOf(ObjGroupDict, "DOMAIN ADMINS") Then
' wscript.echo "Is a member of Domain Admins."
' End If
'
'
MemberOf = CBool(ObjGroupDict.Exists(strKey))
End Function
Function CreateMemberOfObject(strDomain, strUserName)
' Given a domain name and username, returns a Dictionary
' object of groups to which the user is a member of.
'
' Inputs:
'
' strDomain - Input, NT Domain name
' strUserName - Input, NT username
'
Dim objUser, objGroup
Set CreateMemberOfObject = CreateObject("Scripting.Dictionary")
CreateMemberOfObject.CompareMode = vbTextCompare
Set objUser = GetObject("WinNT://" & strDomain & "/" & strUserName & ",user")
For Each objGroup In objUser.Groups
CreateMemberOfObject.Add objGroup.Name, "-"
Next
Set objUser = Nothing
End Function
Function IsMember(objADObject, strGroup)
' Function to test for group membership.
' objGroupList is a dictionary object with global scope.
' Set IsMember to False
IsMember = False
' Declare variables
Dim Group
' If objGroupList is Empty
If (IsEmpty(objGroupList) = True) Then
' Create a dictionary object and set it to objGroupList
Set objGroupList = CreateObject("Scripting.Dictionary")
End If
' If objGroupList does not have an object called SAMAccountName\
If (objGroupList.Exists(objADObject.sAMAccountName & "\") = False) Then
' Call LoadGroups function with objADObject as both variables
Call LoadGroups(objADObject, objADObject)
' Add SAMAccountName\ to the objGroupList dictionary
objGroupList.Add objADObject.sAMAccountName & "\", True
End If
' Set IsMember to True or False depending upon if the intended group
' exists in the dictionary
IsMember = objGroupList.Exists(objADObject.sAMAccountName & "\" _
& strGroup)
End Function
Sub LoadGroups(objPriObject, objADSubObject)
' Recursive subroutine to populate dictionary object objGroupList.
Dim colstrGroups, objGroup, j
objGroupList.CompareMode = vbTextCompare
colstrGroups = objADSubObject.memberOf
If (IsEmpty(colstrGroups) = True) Then
Exit Sub
End If
If (TypeName(colstrGroups) = "String") Then
Set objGroup = GetObject("LDAP://" & colstrGroups)
If (objGroupList.Exists(objPriObject.sAMAccountName & "\" _
& objGroup.sAMAccountName) = False) Then
objGroupList.Add objPriObject.sAMAccountName & "\" _
& objGroup.sAMAccountName, True
Call LoadGroups(objPriObject, objGroup)
End If
Set objGroup = Nothing
Exit Sub
End If
For j = 0 To UBound(colstrGroups)
Set objGroup = GetObject("LDAP://" & colstrGroups(j))
If (objGroupList.Exists(objPriObject.sAMAccountName & "\" _
& objGroup.sAMAccountName) = False) Then
objGroupList.Add objPriObject.sAMAccountName & "\" _
& objGroup.sAMAccountName, True
Call LoadGroups(objPriObject, objGroup)
End If
Next
Set objGroup = Nothing
End Sub
Function DeleteDriveMapping(sDriveLetter)
' This will remove the mapped drive sDriveLetter
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "Removing drive mapping " & sDriveLetter
CreateObject("WScript.Shell").Run "net.exe use " _
& sDriveLetter & " /delete", 0, True
WScript.Sleep 250
End Function
Function MapDrive(strDrive, strShare, strPersistent)
' Function to map network share to a drive letter.
' If the drive letter specified is already in use, the function
' attempts to remove the network connection.
' objFSO is the File System Object, with global scope.
' objNetwork is the Network object, with global scope.
' Returns True if drive mapped, False otherwise.
Dim objDrive
'On Error Resume Next
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "Mapping " & strDrive & " to " & strShare
If objFSO.DriveExists(strDrive) Then
Set objDrive = objFSO.GetDrive(strDrive)
If Err.Number <> 0 Then
On Error GoTo 0
MapDrive = False
Exit Function
End If
If CBool(objDrive.DriveType = 3) Then
objNetwork.RemoveNetworkDrive strDrive, True, True
Else
MapDrive = False
Exit Function
End If
Set objDrive = Nothing
End If
objNetwork.MapNetworkDrive strDrive, strShare, strPersistent
If Err.Number = 0 Then
MapDrive = True
Else
Err.Clear
MapDrive = False
End If
On Error GoTo 0
End Function
Function ConnPrn(strPrnUNC, strDefPrn)
' Function to connect to a network printer share.
' If the printer specified is already connected, the function
' attempts to remove the network connection.
' objFSO is the File System Object, with global scope.
' objNetwork is the Network object, with global scope.
' objShell is the Shell Object, with global scope.
' Returns True if printer connected, False otherwise.
Dim objWMISvc ' WMI Service Object
Dim objPrn ' Printer Object
Dim intIdx ' Index counter
Dim colItems ' Collected Items
Dim strComputer ' Local computer variable
Dim strDefaultState ' Default share state
Dim strCmd ' Default command string
Dim cmdRetVal ' Return Value of the command
strComputer ="."
'On Error Resume Next
' Set the WMI Service object to get objects from the local computer
Set objWMISvc = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
' Set the Collected Items to be installed printers
Set colItems = objWMISvc.ExecQuery ("SELECT * FROM Win32_Printer")
'////////// TEST VARIABLE PASS THROUGH \\\\\\\\\\
'Wscript.echo "Connecting to " & strPrnUNC
If Prns.Count = 0 Then
strCmd = "rundll32 printui.dll,PrintUIEntry /in /q /n " & strPrnUNC
'Wscript.echo "Prns.Count - Executing command: " & strCmd
cmdRetVal = objShell.Run(strCmd, 1, TRUE)
'Wscript.echo "Prns.Count - Return value is: " & cmdRetVal
Else
For Each objPrn In colItems
'Wscript.Echo objPrn.DeviceID
If UCase(objPrn.DeviceID) = UCase(strPrnUNC) Then
' Add new printer. Need the ,1,true to wait for shell to complete before continue
strCmd = "rundll32 printui.dll,PrintUIEntry /dn /q /n " & strPrnUNC
'Wscript.echo "objPrn - Executing command: " & strCmd
cmdRetVal = objShell.Run(strCmd, 1, TRUE)
'Wscript.echo "objPrn - Return value is: " & cmdRetVal
'Wscript.Echo "objPrn - First error Number is: " & Err.Number
End If
Next
Set objPrn = Nothing
End If
strCmd = "rundll32 printui.dll,PrintUIEntry /in /q /n " & strPrnUNC
'Wscript.echo "Out of loop - Executing command: " & strCmd
cmdRetVal = objShell.Run(strCmd, 1, TRUE)
'Wscript.echo "Out of loop - Return value is: " & cmdRetVal
'Wscript.Echo "Out of loop - Second error Number is: " & Err.Number
'Wscript.echo "This is a default printer?" & strDefPrn
If strDefPrn = "TRUE" Then
strCmd = "rundll32 printui.dll,PrintUIEntry /y /n " & strPrnUNC
'Wscript.echo "strDefPrn - Executing command: " & strCmd
cmdRetVal = objShell.Run(strCmd, 1, TRUE)
'Wscript.echo "strDefPrn - Return value is: " & cmdRetVal
End If
If cmdRetVal = 0 Then
ConnPrn = True
Else
Err.Clear
ConnPrn = False
End If
On Error GoTo 0
End Function
Function AddReg(strKeyPath, strValueName, strValue)
Const constHKEY_LOCAL_MACHINE = &H80000002
Const constComputer = "."
Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
constComputer & "\root\default:StdRegProv")
objReg.SetStringValue constHKEY_LOCAL_MACHINE, strKeyPath, strValueName, strValue
End Function
Function SendMail(strTo, strFrom, strSubj, strMsg)
Set objEmail = CreateObject("CDO.Message")
objEmail.From = strFrom
objEmail.To = strTo
objEmail.Subject = strSubj
objEmail.Textbody = strMsg
objEmail.Send
End Function
'//////////// DO NOT MODIFY ABOVE ////////////-saige-
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I completely agree with Joseph on this method to map drives. Using login scripts etc to map drives is labor intensive (when modifying them) also this is a legacy way to map drives. Using GP Preferences is the new way (and very easy to manage) to map drives and do much more.
I would take a look at the below link from the Active Directory Team Blog to help provide steps to complete this process. As per OU level, you do not have to do this based on OU. Use Security Filtering for each Department Security Group and apply the permissions at the top level. Based on the groups where the users are listed they will get the mapped drives required.
http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx
Will.
I would take a look at the below link from the Active Directory Team Blog to help provide steps to complete this process. As per OU level, you do not have to do this based on OU. Use Security Filtering for each Department Security Group and apply the permissions at the top level. Based on the groups where the users are listed they will get the mapped drives required.
http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx
Will.
ASKER
@Joseph or Will; so I'm creating OU's that represent drive mappings? In the link Will provided, that's what it looks like.
Your drive mappings probably depend upon what department a user is. IT has their mappings, Human Resources has theirs, Finance has theirs, etc. If your OU's reflect your organizational structure, then it will be intuitive which mappings to assign to which OU.
ASKER
@Toby; since we have 3 companies under 1 roof, our OU's were created in that manor. OU per company acronym's. I didn't start this, just trying to make it better. Nothing related to dept's. Wondering if I should start adding OU's under the Company OU and moving users into the OU applicable. Actually there are dept. groups setup under Security Groups.
I'm creating OU's that represent drive mappings?
This is not correct. You would create Security Groups for each department, you would then also create a GPO for each department as well. You assign the security group to the respective GPO and then assign the GPO's to the top level OU or domain for that matter. Security filtering will ensure that GPO's will only apply when users are part of these respective groups.
Will.