Guest Microsoft Newbie Posted April 30, 2008 Posted April 30, 2008 Hi I am running a Windows 2000 Domain Controller and have my users organised into Organisational Units in Active Directory. Could someone assist me with creating a login script that maps network drives to the differing OUs. Thanks
Guest kj [SBS MVP] Posted April 30, 2008 Posted April 30, 2008 Re: Login Scripts - Win2k DC Microsoft Newbie wrote: > Hi > > I am running a Windows 2000 Domain Controller and have my users > organised into Organisational Units in Active Directory. Could > someone assist me with creating a login script that maps network > drives to the differing OUs. > Thanks Time to learn a little scripting. Fortunatly the scriptcenter guys (and gals) have made it easy for us http://support.microsoft.com/kb/243215 Should have everything you need int he repository. There is also a newgroup specifically for scripting help microsoft.public.windows.server.scripting Patient and quality scripters hang out there -- /kj
Guest Richard Mueller [MVP] Posted April 30, 2008 Posted April 30, 2008 Re: Login Scripts - Win2k DC "Microsoft Newbie" <test@test.com> wrote in message news:%23bBDUXtqIHA.3568@TK2MSFTNGP04.phx.gbl... > Hi > > I am running a Windows 2000 Domain Controller and have my users organised > into Organisational Units in Active Directory. Could someone assist me > with creating a login script that maps network drives to the differing > OUs. > > Thanks I think you mean that you want to map a different share depending on the OU the user object resides in. For example, everyone in ou=West will get drive K: mapped to \\Server\ShareA, while everyone in ou=East will be K: mapped to \\Server\ShareB. You can accomplish this by having one Group Policy applied to ou=West and another applied to ou=East. There would be no need in the script to check which OU the user object resides in. Simply map the correct share. For example, the logon script applied to ou=West might be similar to: ========== Option Explicit Dim objNetwork Set objNetwork = CreateObject("Wscript.Network") ' Trap error if drive already mapped. On Error Resume Next objNetwork.MapNetworkDrive "K:", "\\Server\ShareA" If (Err.Number <> 0) Then ' Error raised, attempt to remove existing drive mapping. objNetwork.RemoveNetworkDrive "K:", True, True ' Make another attempt to map the drive. objNetwork.MapNetworkDrive "K:", "\\Server\ShareA" (If Err.Number <> 0) Then ' Alert the user that K: cannot be mapped. Call MsgBox("Unable to map drive K:") End If End If On Error GoTo 0 ======== If you want one Group Policy for the domain and one logon script, then the script will need to check the OU. However, that is not simple. The most reliable method is to bind to the user object and use the Parent method to retrieve the AdsPath of the parent container/OU. You would check for the AdsPath of the OU. Just checking the Relative Distinguished Name of the OU (the "name" of the OU) can be flawed, as it may not uniquely identify the OU. For example: ============= Option Explicit Dim objSysInfo, strUserDN, objUser, strParent Dim objNetwork Set objNetwork = CreateObject("Wscript.Network") ' Bind to user object. Set objSysInfo = CreateObject("ADSystemInfo") strUserDN = objSysInfo.UserName Set objUser = GetObject("LDAP://" & strUserDN) ' Retrieve AdsPath of parent container/OU. strParent = objUser.Parent ' Check for OU, using full AdsPath of the OU. If (strParent = "LDAP://ou=West,ou=Sales,dc=MyDomain,dc=com") Then ' Trap error if drive already mapped. On Error Resume Next objNetwork.MapNetworkDrive "K:", "\\Server\ShareA" If (Err.Number <> 0) Then ' Error raised, attempt to remove existing drive mapping. objNetwork.RemoveNetworkDrive "K:", True, True ' Make another attempt to map the drive. objNetwork.MapNetworkDrive "K:", "\\Server\ShareA" (If Err.Number <> 0) Then ' Alert the user that K: cannot be mapped. Call MsgBox("Unable to map drive K:") End If End If On Error GoTo 0 End If ============ You could have a separate If/Then/End If structure for each OU, or use a Select Case. For assistance configuring the logon script, see this link: http://www.rlmueller.net/LogonScriptFAQ.htm -- Richard Mueller MVP Directory Services Hilltop Lab - http://www.rlmueller.net --
Recommended Posts