how to exclude the script not to run on Certain servers

i have a batch script that i have running as a logon script via AD user. i need a way to exclude this command from running on certain servers. is there a way of doing this. Please see below

---Script commands-----
mkdir "%USERPROFILE%\OneDrive - Tenant"
mkdir "%USERPROFILE%\OneDrive - Tenant\Favorites"
mkdir "%USERPROFILE%\OneDrive - Tenant\My Pictures"
mkdir "%USERPROFILE%\OneDrive - Tenant\My Videos"
mkdir "%USERPROFILE%\OneDrive - Tenant\My Music"
subst h: "%USERPROFILE%\OneDrive - Tenant"

exit
-------------
2019-05-08_17-02-32.jpg
trcadminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
This should do the trick:
set exclude=SERVER1 SERVER2 SERVER3
for %%a in (%exclude%) do if /i "%%a"=="%ComputerName%" exit /b

mkdir "%USERPROFILE%\OneDrive - Tenant"
mkdir "%USERPROFILE%\OneDrive - Tenant\Favorites"
mkdir "%USERPROFILE%\OneDrive - Tenant\My Pictures"
mkdir "%USERPROFILE%\OneDrive - Tenant\My Videos"
mkdir "%USERPROFILE%\OneDrive - Tenant\My Music"
subst h: "%USERPROFILE%\OneDrive - Tenant"

exit

Open in new window

Ben Personick (Previously QCubed)Lead SaaS Infrastructure EngineerCommented:
To modify ODBA's comment, I prefer this because its quicker to check all terms at one go instead of in a for loop:

SET"_Excluded=SERVER1 SERVER2 SERVER3"

ECHO. %_Excluded% | FIND /I /V "%ComputerName%" 2>&1 >Nul && (
     mkdir "%USERPROFILE%\OneDrive - Tenant"
     mkdir "%USERPROFILE%\OneDrive - Tenant\Favorites"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Pictures"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Videos"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Music"
     subst h: "%USERPROFILE%\OneDrive - Tenant"
)
EXIT /B

Open in new window

Alternatively you could Check AD for membership in a particular Group or OU you can do so such as this:

Exclude by Computer being an a certain OU:
SET "_Excluded_By_OU=OU=Excluded,OU=Computers,OU=Example,DC=Domain,DC=Local"

dsquery COMPUTER -name %computername% | FIND /I /V "%_Excluded_By_OU%" 2>&1 >Nul && (
     mkdir "%USERPROFILE%\OneDrive - Tenant"
     mkdir "%USERPROFILE%\OneDrive - Tenant\Favorites"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Pictures"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Videos"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Music"
     subst h: "%USERPROFILE%\OneDrive - Tenant"
)
EXIT /B

Open in new window

Exclude by Computer being a member of a certain group:





SET "_Excluded_By_Group_Name=Excluded_From_Script"

dsquery group -name  %_Excluded_By_Group_Name% | dsget group -members | FIND /I "%ComputerName%" 2>&1 >Nul && (
     Exit /B
) || (
     mkdir "%USERPROFILE%\OneDrive - Tenant"
     mkdir "%USERPROFILE%\OneDrive - Tenant\Favorites"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Pictures"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Videos"
     mkdir "%USERPROFILE%\OneDrive - Tenant\My Music"
     subst h: "%USERPROFILE%\OneDrive - Tenant"
)
EXIT /B

Open in new window

Ben Personick (Previously QCubed)Lead SaaS Infrastructure EngineerCommented:
added examples of excluding Computers by OU and group membership using the same methodology

Note I chose to query the computer and check for the excluded OU path, instead of getting a list of Computers in the OU, because querying one result is a faster proposition than checking one result against many possible answers by using the Scope option, but you can also do that method if you prefer.
OWASP: Avoiding Hacker Tricks

Learn to build secure applications from the mindset of the hacker and avoid being exploited.

trcadminAuthor Commented:
I have tested this using the excluding Computers By OU method. i get error "'dsquery' is not recognized as an internal or external command,
operable program or batch file.". Please see attachments.

i do not have AD install on this server. We are using windows server 2008 R2 and windows server 2019. Please advise. Thanks !!!
2019-05-09_15-00-13.jpg
Ben Personick (Previously QCubed)Lead SaaS Infrastructure EngineerCommented:
@trcadmin,

  I appears I am just spoiled by my own win 7 and Win2012 R2 Systems having the Directory Service tools installed, ad forgot as it's been too many years.

So it looks like those will only work if you included DSQuery and DSGet in the source location, which seems extreme, so then you are back to having the simple list by hand.

You can also move your login scripts to a GPO for User Login scripts, which would definitely allow you to use WMI filters to limit the script from running on systems, or Item level targeting to stop it from systems in a group or OU.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
trcadminAuthor Commented:
Ben,

This resolved my issue, Thank you so much for your help!!!
trcadminAuthor Commented:
Ben,

This resolved my issue, Thank you so much for your help!!!
Ben Personick (Previously QCubed)Lead SaaS Infrastructure EngineerCommented:
Glad to help! :)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.