Creating Logon Scripts to map network drives and map printers, have been around since the dawn of networking. Microsoft's Group
policy embraces this Logon Script concept by supplying not 1 but 4 settings:
Two Logon and Logoff policies are found in
the User Configuration. In addition Windows Server 2003 Group Policies have
two Startup and Shutdown scripts, but these settings are found in the Computer Configuration section of Group Policy.
There are several reasons that I am particularly interested in scripting policies. Firstly,
I use logon scripts as one of my 'Litmus Tests' to judge amateurs and
professionals. If
you use Windows Server 2003 policies to assign VBScript Logon Scripts, then I consider you a professional, whereas if you prefer adding batch files to a user's
property sheet, then I consider you an old fashioned 'Luddite'.
Next, I would like to identify three different tasks for logon
scripts:
Set the scope of the logon script. By that I mean which drives
and which printers to map in the VBScript.
Assign the Logon scripts via Windows Server 2003 Group Policies. It is this
'wiring-up' of the script to the policy, that I am going to explain on this page.
Guy
Recommends: Permissions Analyzer - Free Active Directory Tool
I like the
Permissions Monitor because it enables me to see quickly WHO has permissions
to do WHAT. When you launch this tool it analyzes a users effective NTFS
permissions for a specific file or folder, takes into account network share
access, then displays the results in a nifty desktop dashboard!
Think of all the frustration that this free utility saves when you are
troubleshooting authorization problems for users access to a resource.
Presuming that you have written or copied the VBScripts, all we have to do in Group Policy is add the .VBS file to the appropriate dialog box. I find that it is much better to
copy the .VBS file into memory before you open the policy box, than to try and
navigate once the dialog box is open.
My point is that I would prefer to right click and paste, rather than use the Open
and Browse option. See picture opposite.
If you do experiment with the 'Browse' and 'Look in' buttons, then you
will see the very long path where Group Policies in general and Logon
Scripts in particular are stored. \Windows\sysvol\sysvol\domain\policies.
Professional administrators use these logoff scripts to remove network
drives and to disconnect printers. An up-and-coming use of Group
Policies is to create logoff scripts is to delete temporary files and
perform other house keeping tasks. The script executes while the user
logs off - I like it!
Introduction to Logon Scripts with VBScript
When I first saw Windows 2003, I investigated the new features. I wondered: 'How do I assign logon scripts to users?' I came up with two methods; the
traditional NT 4.0 style or assigning
VBScripts via Active Directory Group Policies. (The traditional method was via the User's Properties, Profile tab.)
I even took a I step back
and asked the more fundamental question: 'What am I trying to achieve here?' The answer was, 'To provide users with the best environment for their work'. This lead me to investigate VBScript
methods for providing mapped network drives and connecting to shared printers.
Good news. Scripting possibilities improve dramatically when you progress from the old
DOS batch files, to the new WSH with its rich VBScript verbs. When you survey the big picture, you realize that Logon Scripts are only one of many jobs for WSH and VBScript. My point is that
knowledge of these scripting objects, syntax and methods will help you automate other computer tasks. As a bonus, if you master assigning Logon Scripts by Group Policy, then you will see how to apply
other settings using Group Policy (GPMC).
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
Solarwinds'
Orion performance monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
Perhaps the NPM's best feature is the way it suggests solutions to network
problems. Its
second best feature is the ability to monitor the health of individual VMWare
virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you take advantage of Solarwinds' offer.
The problem with a PowerShell logon script is that you cannot simply assign a .ps1 file as a logon
script; because, by design, Windows 7 or Vista won't be able to execute
it. Fortunately, there is a work-around and that is to create a
VBScript script which calls your PowerShell script. To my mind
this whole procedure is telling me clearly, this is not the best way of
configuring logon settings.
However, if this is what you want, then PowerShell can play its part
via the -comObject. Here is a MapNetworkDrive example:
Note 1: Assume that you save the above code in
C:\PowerShell\logon.ps1
Note 2: Now call the logon.ps1 file from VBScript thus:
Group Policy Drive Maps
The modern group policy method of drive mapping does not require any
knowledge of either VBScript or PowerShell. In Windows Server 2008 you can launch the
GPMC and configure Drive Maps in the Preferences section.
See more on Group
Policy Drive Maps.
Summary of Windows Server 2003 Script Command Policy
Microsoft's Group
policy embraces the Logon Script concept by supplying four settings: Logon and Logoff policies are found in
the User Configuration. In addition Windows Server 2003 Group Policies
have Startup and Shutdown scripts. Creating Logon Scripts to map network drives and map printers
is a separate skill requiring VBScript experience.
If you like this page then please share it with your friends
*
Custom Search
Guy Recommends: Orion's NPM - Network Performance Monitor
Orion's performance monitor is designed for detecting network outages. NPM makes it easy to see what's working, and what needs your attention.
This utility guides you through creating network maps. It also helps troubleshooting by indicating whether the root cause is faulty equipment, or resource overload.
