1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Login Script

Discussion in 'Scripting & Programming' started by Nelix, Mar 25, 2013.

  1. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,412
    3
    82
    Hi All

    I currently have a script that will map network drive/s based on the user logging on being a member of a particular group, here is the code:

    Code:
    $GroupList = @{}
    
    Function IsMember($ADObject, $GroupName)
    {
        # Function to check group membership.
    
        If ($GroupList.Count -eq 0)
        {
            # Retrieve tokenGroups attribute, which is operational (constructed).
            $ADObject.psbase.RefreshCache("tokenGroups")
            $SIDs = $ADObject.Properties.Item("tokenGroups")
            # Populate hash table with security group memberships.
            ForEach ($Value In $SIDs)
            {
                $SID = New-Object System.Security.Principal.SecurityIdentifier $Value, 0
                $DecSID = $SID.Value
                $objSID = New-Object System.Security.Principal.SecurityIdentifier($DecSID)
                $Group = $objSID.Translate([System.Security.Principal.NTAccount])
                $GroupList.Add($Group.Value.Split("\")[1], $True)
            }
        }
        # Check group membership.
        If ($GroupList.ContainsKey($GroupName))
        {
            Return $True
        }
        Else
        {
            Return $False
        }
    }
    
    # Retrieve reference to AD user object of current user.
    $SysInfo = New-Object -ComObject "ADSystemInfo"
    $UserDN = $SysInfo.GetType().InvokeMember("UserName", "GetProperty", $Null, $SysInfo, $Null)
    $User = [ADSI]"LDAP://$UserDN"
    
    $Network = New-Object -ComObject "Wscript.Network"
    $FSO = New-Object -ComObject "Scripting.FileSystemObject"
    
    If ($FSO.FolderExists("P:") -eq $True)
    {
        $Network.RemoveNetworkDrive("P:", $True, $True)
    }
    
    If (IsMember $User "TestGroup" -eq $True)
    {
        $Network.MapNetworkDrive("P:", "\\Server\Sharename")
    }
    I want to be able to amend this script or find a new script that will map additional drives. Generally speaking, all of our users have a departmental drive mapped when they login Eg G: depending on there group membership, however we have a few staff members that are members of more than one group/department so I want the script to map a drive for each group that they are a member of so after the G:\ is mapped the script will see that the G:\ is already used so will use H:\ for the next mapping and so on i.e:

    G:\Finance
    H:\Residential
    I:\Medical

    Hope that's clear enough.

    Any help would be greatly appreciated.

    Regards

    Nelix
     
    Certifications: A+, 70-210, 70-290, 70-291
    WIP: 70-294
  2. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,199
    125
    199
    For what you want to achieve I'd recommend Group Policy Preferences to map drives rather than a logon script.

    Have you considered this?
     
  3. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,412
    3
    82
    I have not considered this but have taken a look in GP, where do I find these settings?

    Cheers
     
    Certifications: A+, 70-210, 70-290, 70-291
    WIP: 70-294
  4. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,199
    125
    199
    Group Policy - User Config - Preferences - Windows Settings - Drive Maps.

    Right Click on Drive Maps - new mapped drive. Once you have set your specifics click on the Common Tab and then select Item Level Targeting. From here you can set OU, Etc.
     
  5. ade1982

    ade1982 Megabyte Poster Forum Leader

    566
    12
    52
    Worth saying it's from Windows 2008 (R2?) onwards, only.
     
  6. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,199
    125
    199
    Good point! I take things like that for granted these days! :oops:
     
  7. mcbro

    mcbro Byte Poster

    136
    0
    23
    What has to be 2008 onwards?

    You can use GPP just fine with 2003 DCs. You will just need a client running Vista SP1 or Windows 7 to edit the GPOs.
     
    Certifications: MCITP:EA, CCNA

Share This Page

Loading...