"theunlikely" <theunlikely@xxxxxx> wrote in message
news:eca3cf04-a5e9-46c9-9730-07be731e7815@xxxxxx
> Option Explicit
> 'Declare variables
> Dim objNetwork, objUser, CurrentUser
> Dim strGroup
>
> ' Initialize Groups with Const
> Const Accounting_Group = "cn=Accounting"
> Const Private_Group = "cn=SM_Private"
> Const Public_Group = "cn=SM_Public"
> Const Technology_Group = "cn=SM_Technology"
> Const Corporate_Group = "cn=SM_Corporate"
>
> ' Create objects and extract strGroup values
> Set objNetwork = CreateObject("WScript.Network")
> Set objUser = CreateObject("ADSystemInfo")
> Set CurrentUser = GetObject("LDAP://" & objUser.UserName)
>
> objNetwork.MapNetworkDrive "Q:", "\\server\Data"
> objNetwork.MapNetworkDrive "I:", "\\server\Common"
>
> strGroup = LCase(Join(CurrentUser.MemberOf))
> ' If logic testing strGroup for the values in Const groups
> If InStr(strGroup, lcase(Corporate_Group)) Then
> objNetwork.MapNetworkDrive "J:", "\\server\Corporate"
> objNetwork.AddWindowsPrinterConnection "\\server\Executive-Suite"
> objNetwork.SetDefaultPrinter "\\server\Executive-Suite"
>
> ElseIf InStr(strGroup, lcase(Accounting_Group)) Then
> objNetwork.MapNetworkDrive "K:", "\\server\Accounting"
> objNetwork.AddWindowsPrinterConnection "\\server\Dell1815dn02"
> objNetwork.AddWindowsPrinterConnection "\\server\XeroxWC7345"
> objNetwork.SetDefaultPrinter "\\server\Dell1815dn02"
>
> ElseIf InStr(strGroup, lcase(Public_Group)) Then
> objNetwork.MapNetworkDrive "M:", "\\server\Public_Equity_Market"
> objNetwork.AddWindowsPrinterConnection "\\server\1815dn"
> objNetwork.AddWindowsPrinterConnection "\\server\XeroxWC4150"
> objNetwork.SetDefaultPrinter "\\server\1815dn(trade)"
>
> ElseIf InStr(strGroup, lcase(Private_Group)) Then
> objNetwork.MapNetworkDrive "N:", "\\server\Private_Company_Market"
> objNetwork.AddWindowsPrinterConnection "\\server\1815dn(trade)"
> objNetwork.AddWindowsPrinterConnection "\\server\1815dn(trade)"
> objNetwork.SetDefaultPrinter "\\server\1815dn(trade)"
>
> ElseIf InStr(strGroup, lcase(Technology_Group)) Then
> objNetwork.MapNetworkDrive "T:", "\\server\Tech"
> objNetwork.AddWindowsPrinterConnection "\\server\Technology"
> objNetwork.AddWindowsPrinterConnection "\\server\Dell3110"
> objNetwork.SetDefaultPrinter "\\server\Technology"
>
>
> End If
>
> WScript.Quit
>
> so two questions: the lcase or join statement gives me an error if the
> user is not in at least two security groups.
>
> other question: is it possible to within script map a folder like the
> above script does. But within that folder have either shortcuts or
> somehow map other mapped drives inside of it? the reason for this is
> that some users have a lot of access to resources and all of the drive
> letters get used up. No I don't want to create a root share above all
> of these folders, i do not want to use dfs, or anything but the above
> script. I've heard that such a thing is possible using commands like
> sust, junctions, or something along that nature.. suggestions? I don't know where that method originated, to use
LCase(Join(CurrentUser.MemberOf)), but yes, it raises an error unless the
memberOf attribute has at least two group Distinguished Names. And, the
"primary" group of the user, usually "Domain Users", is never included in
memberOf.
A quick fix is to replace this statement:
strGroup = LCase(Join(CurrentUser.MemberOf))
with this:
======
On Error Resume Next
arrGroups = objUser.GetEx("memberOf")
If (Err.Number <> 0) Then
On Error GoTo 0
strGroup = ""
Else
On Error GoTo 0
strGroup = LCase(Join(arrGroups))
End If
======
This is explained in the following link, along with other methods to check
group membership:
http://www.rlmueller.net/MemberOf.htm
Note also that when you check for group names with the InStr function, you
are searching for the Common Name of the group. This may work in your
situation, but the Common Name does not uniquely identify the group. There
can be several groups with Common Name "Accounting", for example, as long as
they are in different OU's. Also, you will get a hit if you check for group
"Sales", for example, but the user is a member of a group with Common Name
"Sales Accounting" or "salesmen". It would be better to check the entire
Distinguished Name of the group, which does uniquely identify the group.
As for your second question, maybe you refer to the subst command. I haven't
seen this used in years, but there is help for it at the command console. To
use it you would need to use the Run method of the wshShell object. Does
this help?
--
Richard Mueller
MVP Directory Services
Hilltop Lab -
http://www.rlmueller.net
--