Active Directory-Specific Logon Scripts
If you're in an AD domain, you can take advantage of AD's newer technologies and built-in scripting interfaces, such as ADSI, to perform more powerful and flexible tricks in your logon scripts.
 AD Logon Script
Listing 29.3 shows a sample logon script designed to run within an AD environment.
Listing 29.3. ADLogon1.vbs. This script requires Active Directory to run.
Const G_SALES = "cn=sales"
Const G_MARKETING = "cn=marketing"
Const G_EXECS = "cn=executives"
Set oNetwork = CreateObject("WScript.Network")
oNetwork.MapNetworkDrive "h:", "\\FileServer\Users\" & _
oNetwork.UserName
Set oADSystemInfo = CreateObject("ADSystemInfo")
Set oUser = GetObject("LDAP://" & oADSystemInfo.UserName)
sGroups = LCase(Join(oUser.MemberOf))
If InStr(sGroups, G_SALES) Then
oNetwork.MapNetworkDrive "S:", "\\FileServer\SalesDocs\"
oNetwork.AddWindowsPrinterConnection "\\PrintServer\Quotes"
oNetwork.SetDefaultPrinter "\\PrintServer\Quotes"
End If
If InStr(sGroups, G_MARKETING) Then
oNetwork.MapNetworkDrive "M:", "\\FileServer\MarketingDocs\"
oNetwork.AddWindowsPrinterConnection "\\PrintServer\ColorLaser"
oNetwork.AddWindowsPrinterConnection "\\PrintServer\BWLaser"
oNetwork.SetDefaultPrinter "\\PrintServer\BWLaser"
End If
If InStr(sGroups, G_EXECS) Then
oNetwork.MapNetworkDrive "X:", "\\FileServer\ExecDocs\"
oNetwork.AddWindowsPrinterConnection "\\PrintServer\Execs"
oNetwork.SetDefaultPrinter "\\PrintServer\Execs"
End If
As with the other scripts in this chapter, you need to rename the server and share names appropriately.
AD Logon Script-Explained
I start by creating constants for each user group I want to check the membership of. These constants make it easier to read the rest of the script. Notice that I'm using AD-style naming, specifying the cn, or common name, of each group.
Const G_SALES = "cn=sales"
Const G_MARKETING = "cn=marketing"
Const G_EXECS = "cn=executives"
The next bit of code creates a WScript.Network object, and maps a single drive to the user's home directory. The earlier caveat about Win9x machines applies: UserName isn't populated right away so you need to add some wait time into the code.
Set oNetwork = CreateObject("WScript.Network")
oNetwork.MapNetworkDrive "h:", "\\FileServer\Users\" & _
oNetwork.UserName
Next, I use ADSI to retrieve the current domain information and logged on user name. Then, I connect to ADSI via LDAP to retrieve the list of groups the user belongs to. This information is returned in a string, which I've stored in sGroups.
Set oADSystemInfo = CreateObject("ADSystemInfo")
Set oUser = GetObject("LDAP://" & oADSystemInfo.UserName)
sGroups = LCase(Join(oUser.MemberOf))
Checking for group membership is now as easy as seeing if sGroups contains the group name, which I can do by using the InStr() function. For each group the user belongs to, I map the appropriate network drives and printers. Because users may belong to more than one group (an executive could also be in sales or marketing, for example), each group is handled individually.
If InStr(sGroups, G_SALES) Then
oNetwork.MapNetworkDrive "S:", "\\FileServer\SalesDocs\"
oNetwork.AddWindowsPrinterConnection "\\PrintServer\Quotes"
oNetwork.SetDefaultPrinter "\\PrintServer\Quotes"
End If
If InStr(sGroups, G_MARKETING) Then
oNetwork.MapNetworkDrive "M:", "\\FileServer\MarketingDocs\"
oNetwork.AddWindowsPrinterConnection "\\PrintServer\ColorLaser"
oNetwork.AddWindowsPrinterConnection "\\PrintServer\BWLaser"
oNetwork.SetDefaultPrinter "\\PrintServer\BWLaser"
End If
If InStr(sGroups, G_EXECS) Then
oNetwork.MapNetworkDrive "X:", "\\FileServer\ExecDocs\"
oNetwork.AddWindowsPrinterConnection "\\PrintServer\Execs"
oNetwork.SetDefaultPrinter "\\PrintServer\Execs"
End If
That's easy enough! This is a great way to build a logon script that maps several different drives. Note that this same technique doesn't work as well in an NT domain, because NT domains don't provide an easy way to retrieve all of a user's groups into a single, convenient string variable.
AD Logon Script Two
You can also create site-aware logon scripts. This is especially useful for mapping printers, as it allows you to map a local printer for the user. Roaming users who travel between sites appreciate always having a nearby printer to print to. Listing 29.4 shows a script that does just this, as well as maps a drive to the logon server's Utilities share. This might be a means of providing users with local access to a set of company-wide utilities or document templates, for example.
Listing 29.4. ADLogon2.vbs. This script is site and logon server-aware.
Dim oSystemInfo
Dim oShell
Dim sLogonServer, sSiteName
'get logon server
Set oShell = Wscript.CreateObject("Wscript.Shell")
sLogonServer = oShell.ExpandEnvironmentStrings("%LOGONSERVER%")
'get AD site name
Set oSystemInfo = CreateObject("ADSystemInfo")
sSiteName = oSystemInfo.SiteName
'map printer based on site
Select Case sSiteName
Case "Boston"
oNetwork.AddWindowsPrinterConnection "\\BOS01\Laser1"
oNetwork.SetDefaultPrinter "\\BOS01\Laser1"
Case "New York"
oNetwork.AddWindowsPrinterConnection "\\NYC02\LaserJet"
oNetwork.SetDefaultPrinter "\\NYC02\LaserJet"
Case "LA"
oNetwork.AddWindowsPrinterConnection "\\LASrv\HP2"
oNetwork.SetDefaultPrinter "\\LASrv\HP2"
Case "Las Vegas"
oNetwork.AddWindowsPrinterConnection "\\VEG4\LaserJet"
oNetwork.SetDefaultPrinter "\\VEG4\LaserJet"
Case "Houston"
oNetwork.AddWindowsPrinterConnection "\\TX2\HP03"
oNetwork.SetDefaultPrinter "\\TX2\HP03"
End Select
'show message
MsgBox "Your default printer has been " & _
"set to a printer at the local office."
'map L: drive to logon server's
'UTILITIES share
oNetwork.MapNetworkDrive "L:", sLogonServer & _
"\Utilities\"
Again, to pull bits of this script into your own, you need to modify the UNCs to suit your environment.
AD Logon Script Two-Explained
I start by declaring variables.
Dim oSystemInfo
Dim oShell
Dim sLogonServer, sSiteName
Next, I create a WScript Shell object to retrieve the logon server name. This information is stored in an environment string; note that this technique can be used to retrieve any environment string, such as the system temp folder.
'get logon server
Set oShell = Wscript.CreateObject("Wscript.Shell")
sLogonServer = oShell.ExpandEnvironmentStrings("%LOGONSERVER%")
I use the AD System Info object to retrieve the current site name. This is only available on AD clients, including downlevel (9x and NT) clients running the Directory Services client.
'get AD site name
Set oSystemInfo = CreateObject("ADSystemInfo")
sSiteName = oSystemInfo.SiteName
Next, the script uses a Select...Case construct to map a printer based on the current site location. The printer is made the default, making it easier for users to just click Print in their applications.
'map printer based on site
Select Case sSiteName
Case "Boston"
oNetwork.AddWindowsPrinterConnection "\\BOS01\Laser1"
oNetwork.SetDefaultPrinter "\\BOS01\Laser1"
Case "New York"
oNetwork.AddWindowsPrinterConnection "\\NYC02\LaserJet"
oNetwork.SetDefaultPrinter "\\NYC02\LaserJet"
Case "LA"
oNetwork.AddWindowsPrinterConnection "\\LASrv\HP2"
oNetwork.SetDefaultPrinter "\\LASrv\HP2"
Case "Las Vegas"
oNetwork.AddWindowsPrinterConnection "\\VEG4\LaserJet"
oNetwork.SetDefaultPrinter "\\VEG4\LaserJet"
Case "Houston"
oNetwork.AddWindowsPrinterConnection "\\TX2\HP03"
oNetwork.SetDefaultPrinter "\\TX2\HP03"
End Select
I also notify the users that this printer assignment has been made. That way, they know what to expect when printing. For large offices, you might want the message to include the printer name and location, so the user knows where to find his hard copy.
'show message
MsgBox "Your default printer has been " & _
"set to a printer at the local office."
Finally, I map a drive to the Utilities share of the authenticating domain controller.
'map L: drive to logon server's
'UTILITIES share
oNetwork.MapNetworkDrive "L:", sLogonServer & _
"\Utilities\"
You now have another useful script that leverages VBScript's access to domain information like the logon server and site name!
| 
