Joined: Tue Jun 19, 2007 4:27 am

Post by welliott » Tue Jun 19, 2007 4:54 am

Forgive the stupidity here, just getting to the point where I can work with VBscript somewhat.... Short version, have a login script running through Group Policy. The script ran fine until we changed to new 2k3 server. For security reasons, we setup ABE on departmental directories, etc. Obviously, any gratuitous drive mapping works but I can not figure out how to make the vbscript work with ABE. Here's the script I am using:' Drive mapping script based on OU membership of user' ---------------------------------------------------------- 'ON ERROR RESUME NEXTDim WSHShell, WSHNetwork, objDomain, DomainString, UserString, UserObj, PathSet WSHShell = CreateObject("WScript.Shell")Set WSHNetwork = CreateObject("WScript.Network")'Automatically find the domain nameSet objDomain = getObject("LDAP://rootDse")DomainString = objDomain.Get("dnsHostName")'Find the Windows DirectoryWinDir = WshShell.ExpandEnvironmentStrings("%WinDir%")'Grab the user nameUserString = WSHNetwork.UserName'Bind to the user object to get user name and check for group memberships laterSet UserObj = GetObject("WinNT://" & DomainString & "/" & UserString)'Grab the computer name for use in add-on code laterstrComputer = WSHNetwork.ComputerName'Disconnect any drive mappings as needed.WSHNetwork.RemoveNetworkDrive "Y:", True, True'Disconnect ALL mapped drivesSet clDrives = WshNetwork.EnumNetworkDrivesFor i = 0 to clDrives.Count -1 Step 2 WSHNetwork.RemoveNetworkDrive clDrives.Item(i), True, TrueNext'Give the PC time to do the disconnect, wait 300 millisecondswscript.sleep 300'Map drives needed by all'Note the first command uses the user name as a variable to map to a user share.'WSHNetwork.MapNetworkDrive "P:", "serverusers" & UserString,TrueWSHNetwork.MapNetworkDrive "Y:", "MAS90Public",TrueWSHNetwork.MapNetworkDrive "Z:", "ASW-AE2-ADPublic",True'Now check for group memberships and map appropriate drives'Note that this checks Global Groups and not domain local groups.For Each GroupObj In UserObj.Groups'Force upper case comparison of the group names, otherwise this is case sensitive. Select Case UCase(GroupObj.Name) 'Check for group memberships and take needed action 'In this example below, MIS is the Group 'Note the use of all upper case letters as mentioned above. 'Note also that the groups must be Global Groups. Case "MIS" WSHNetwork.MapNetworkDrive "M:", "ASW-AE2-ADIT",True End SelectNext' Add on code'============================'Clear Win XP SP2 Printer Notification Ballons DefaultPath = "HKCUPrintersSettingsEnableBalloonNotificationsRemote"WshShell.RegWrite Path, 0 ,"REG_DWORD"'Windows Overlay to Display system version and SPHKEY_CURRENT_USER = &H80000001strComputer = WSHNetwork.ComputernameSet objReg = GetObject("winmgmts:" & strComputer & "rootdefault:StdRegProv")strKeyPAth = "Control PanelDesktop"objReg.CreateKey HKEY_CURRENT_USER, strKeyPathValueName = "PaintDesktopVersion"dwValue = 1objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue'============================' End Add on Code'Clean Up Memory We Usedset UserObj = Nothingset GroupObj = Nothingset WSHNetwork = Nothingset DomainString = Nothingset WSHSHell = NothingSet WSHPrinters = Nothing 'Quit the Scriptwscript.quitCan anyone offer me a clue here on the best way to do this with ABE in place?Thanks in advance.

Posts: 14136
Joined: Tue May 22, 2007 9:57 am

Post by jvierra » Tue Jun 19, 2007 5:32 am

Remove On Error REsume NExt and run script from copmmand prompt for a user account that is failing.

You are probably having authentication issues du to the use of teh WinNT provider.

Not sure but that's a good place to start.