Guy's Scripting Ezine 115 - Groups and MapNetworkDrive
Guy's Scripting Ezine 115 - Groups and MapNetworkDrive
♣
When I revisited my old Ezines e.g. number 24, it was obvious that they needed polishing. On reflection some of my early scripts seem a little thin, over
time I noticed a gradual improvement in the explanations and learning points. The upshot is that this week I am going to have another look at group membership and its Const statement. The whole education process, both for you and for me, reminds me of the spiral nature of learning. Before a
concept sinks in we have to go around a topic again and again, hopefully, after each circuit we go up a level and the circuit gets broader as a result of the extra information. At first I thought I was a slow
learner because I had to repeat tasks before I absorbed them. Now I realize this spiral approach is normal and it's only a very few geniuses, who need to be told only once before they grasp the point.
If you are looking for handy network utilities, try some of the free downloads at
Tools4Ever
Here are two VBScripts which will show you how to map a network
drive based on group membership. These are advanced scripts drawing upon multiple VBScript methods and because there are so many elements involved, I recommend that you double check the
pre-requisites.
In particular, check the names of your groups and the values for the UNC paths referenced by the scripts.
Scripting for groups is one of my bugbears. With most LDAP attributes there is only a single value, for example, givenName = Guy. However, because the group object can have many members, the group object
must support multiple
values. When dealing with groups, the key LDAP attribute is MemberOf.
Here is the full list of methods that feature in this week's scripts:
MemberOf, Const, MapNetworkDrive, InStr. Also, ADSystemInfo, LCase and If... Then .. Else.
The scenario Let us imagine that you want to map network drives based on group membership. Specifically, a group called Managers has their data stored on a different server from a group called Dentists.
We are going to create this script in two stages. Stage one merely checks the group membership of the user who is logged on. Stage two will actually map to different network shares depending on
the group membership of the logged-on user. Pre-Requisites
You need an Active Directory domain for this VBscript. Either Windows Server 2003 or Windows 2000. To get the script to work as designed, pay close attention to the group membership.
Please create Global Groups called Dentists and Managers, or better still, amend the script to reflect your Active Directory groups. The second script is designed to use two UNC paths, therefore
please check and amend this portion of the script.
Instructions
- Important: Make sure that the person who tests the script is in a group called Managers, or Dentists. Alternatively, alter
Dentists on line 11, to a group that you ARE a memberOf.
- Optional: Edit the ' commented out lines. Remember in the scenario, you want the script to map the network drive. So edit that line to reflect a UNC share on your network.
- Copy and paste the script below into notepad or get a script editor such as OnScript.
- Save the file with .vbs extension e.g. GroupMapEcho.vbs
- Double click and observe the message box.
' GroupMapEcho.vbs
' VBScript to test group membership
' Script can be amended to actually MapNetworkDrive
' Author Guy Thomas http://computerperformance.co.uk/
' Version 3.3 -
May 2006
' -----------------------------------------------------------------'
Option Explicit
Dim objNetwork, objUser, CurrentUser
Dim strGroup
' Initialise Groups with Const
Const
Dentists_Group = "cn=dentists"
Const Managers_Group = "cn=managers"
Const What_ever_you_Like = "cn=any_lower_case_group"
Const Users_Group = "cn=users"
Const Administrators_Group =
"cn=administrators"
' Create objects and extract strGroup values
Set objNetwork = CreateObject("WScript.Network")
Set objUser = CreateObject("ADSystemInfo")
Set CurrentUser = GetObject("LDAP://"
& objUser.UserName)
strGroup = c
' If logic testing strGroup for the values in Const groups
If InStr(strGroup, lcase(Dentists_Group)) Then
WScript.Echo "Dentists
"
' objNetwork.MapNetworkDrive "h:", "\\Server\Users\" _
' & objNetwork.UserName
' For a production script remove the WScript
' Activate mapnetworkdrive by removing the apostrophes (' Rem)
ElseIf InStr(strGroup, lcase(Managers_Group)) Then
WScript.Echo " Manager "
' objNetwork.MapNetworkDrive "h:", "\\YourServer\Users\"_
' & objNetwork.UserName
ElseIf InStr(strGroup,
lcase(Administrators_Group)) Then
WScript.Echo "Administrator: " & strGroup
' objNetwork.MapNetworkDrive "h:", "\\Another Server\Users\" _
' & objNetwork.UserName
ElseIf InStr(strGroup,
lcase(Users_Group)) Then
WScript.Echo " Only a User... "
' objNetwork.MapNetworkDrive "y:", "\\alan\home\" _
' & objNetwork.UserName
End If
Wscript.Echo "Finished Testing for Groups "
WScript.Quit
' End of example VBScript .
Learning Points
Note 1: Constants. This week I have introduced CONST to hold the group information. Did you edit Dentists, or to be precise dentists? "cn=dentists" is case sensitive, hence
lcase(Dentists_Group)).
Note 2: AdSystemInfo is a good method of extracting the information from Active Directory.
Note 3: InStr. This means: in the string value. InStr is useful for checking if a named value is contained in a much longer string.
Note 4: If.... ElseIf. Check my 'If' statement. Modify the clauses to suit groups on your network. For example, if your group is called Human Resources and not Dentists, then amend
the script accordingly.
Note 5: When you are happy with the WScript.Echo message, why not remove the comment ' objNetwork and get the MapNetworkDrive method working. Remember to uncomment the ' & objNetwork like as well. Here is
more help on
MapNetworkDrive.
Note 6: I concatenated '& strGroup' to the Administrators group and thus joined the user to the Administrators group. You may like to add '& strGroup' to the other groups. As
usual, what I want is get you started and give you the confidence to
experiment for yourself. Note 7: See more on MemberOf here
Guy Recommends: Solarwinds' Free Bulk Import Tool
Import users from a spreadsheet. Just provide a list of the
users with their fields in the
top row, and save as .csv file. Then launch this FREE utility and match
your fields with AD's
attributes, click and import the users. Optionally, you can
provide the name of the OU where the new accounts will be born.
There are also two bonus tools in the free download, and all 3 have been approved by Microsoft:
- Bulk-import new users into Active Directory.
- Seek and zap unwanted user accounts.
- Find inactive computers.
Download your FREE bulk import tool.
The purpose of this script is to actually map a network drive to a local drive letter. The precise path is dependent on the group to which the logged on user belongs. For
example, if you are an Administrator the script maps to \\ grand \home. What is more it maps to a sub directory based on the user's name. If the user is called guyt then this would be:
\\
grand \home \guyt. If this is not clear then I suggest a refresher on MapNetworkDrive Pre-requisiteStudy the logic of my UNC paths and amend
for your network. For example, it's unlikely that your server is called \\ grand, therefore replace with the value equivalent to: \\ yourservername.
' GroupMap2.vbs
' Script that actually does MapNetworkDrive
' Author Guy Thomas http://computerperformance.co.uk/
' Version 3.7 - May 2006
'
-----------------------------------------------------------------'
Option Explicit
Dim objNetwork, objUser, CurrentUser
Dim strGroup
' Initialise Groups with Const
Const Dentists_Group =
"cn=dentists"
Const Managers_Group = "cn=managers"
Const What_ever_you_Like = "cn=any_lower_case_group"
Const Users_Group = "cn=users"
Const Administrators_Group = "cn=AdmiNistrators"
'
Create objects and extract strGroup values
Set objNetwork = CreateObject("WScript.Network")
Set objUser = CreateObject("ADSystemInfo")
Set CurrentUser = GetObject("LDAP://" & objUser.UserName)
strGroup = LCase(Join(CurrentUser.MemberOf))
' If logic testing strGroup for the values in Const groups
If InStr(strGroup, lcase(Dentists_Group)) Then
' WScript.Echo "Dentists "
objNetwork.MapNetworkDrive "h:", "\\Server\Users\" _
& objNetwork.UserName
' For a production script remove the WScript
' Activate mapnetworkdrive by removing the apostrophes (' Rem)
ElseIf
InStr(strGroup, lcase(Managers_Group)) Then
' WScript.Echo " Manager "
objNetwork.MapNetworkDrive "h:", "\\YourServer\Users\"_
& objNetwork.UserName
ElseIf InStr(strGroup,
lcase(Administrators_Group)) Then
' WScript.Echo "Administrator: " & strGroup
objNetwork.MapNetworkDrive "y:", "\\grand\home\" _
& objNetwork.UserName
ElseIf InStr(strGroup, lcase(Users_Group))
Then
WScript.Echo " Only a User... "
objNetwork.MapNetworkDrive "h:", "\\alan\home\" _
& objNetwork.UserName
End If
Wscript.Echo "Finished mapping Groups
- check drives "
WScript.Quit
' End of example VBScript
Learning Points
Note 1: If you have problems with this script, then double check the names of your groups, also seek out each UNC path and make sure it reflects a server and share on your network.
Note 2: Each UNC path has appended: _ & objNetwork.UserName. This means that the network share must have a subfolder named after the logged on user. If this is not the case, change
to plain:
objNetwork.MapNetworkDrive "h:", "\\ alan\home" Be aware that I have removed the final backslash from \home". Here is a refresher on
MapNetworkDrive
Note 3: Observe how the LCase function ensures that the group name is in lower case. It drove me made when the script failed because I typed the names in Proper case.
The secret of scripting group membership is planning; which groups, which UNC paths. Once you have your blueprint, build the script in stages, get each method working, then bolt it all
together.
See More Active Directory Group VBScripts
• User Spreadsheet • Add Users to Groups • Create
Users • Free
Permissions Monitor
• Ezine 57 Groups •
Ezine 58 Groups •
Ezine 73 primaryID • Ezine 112
Local Groups
•
Ezine 113 Multiple Groups • Ezine 115 Map Groups •
Ezine 138 Groups Join • Ezines
| 
