Check group membership and map drives in a logon script

Entry Notes

Posted: 04122007
Author: Len Parov
Category: Microsoft OS family

Find out which group a user referenced within a logon script belongs to.

Logon scripts are useful for mapping drives so that users can store their work files in standard locations on network file servers. It would be nice to be able to map drives based on a user's group membership, and that's what this hack is about. By placing a user's group membership information into a dictionary object, you can quickly find out if a user is a member of a group and then perform actions (such as mapping drives) if they are. The script in this hack allows you to accomplish this and more.

This script quickly checks to see if a user is a member of a particular group. It reads the Member Of tab information for the user account and places it into a dictionary object, because a dictionary object offers fast and easy access to group membership information. If the user is a member of the group specified, a dialog box will tell you so.

The Code

To use this script, type it into Notepad (with Word Wrap disabled) and save it with a .vbs extension as CheckMembership.vbs.

Option Explicit ' Force explicit declarations
' Variables
Dim WSHNetwork
Dim strUserName ' Current user
Dim strUserDomain ' Current User's domain name
Dim ObjGroupDict ' Dictionary of groups to which the user belongs
Set WSHNetwork = WScript.CreateObject("WScript.Network")
Set FSO = CreateObject("Scripting.FileSystemObject")
' Wait until the user is really logged in...
strUserName = ""
While strUserName = ""
WScript.Sleep 100 ' 1/10 th of a second
strUserName = WSHNetwork.UserName
strUserDomain = WSHNetwork.UserDomain
' Read the user's account "Member Of" tab info across the network
' once into a dictionary object. 
Set ObjGroupDict = CreateMemberOfObject(strUserDomain, strUserName)
If MemberOf(ObjGroupDict, "Domain Admins") Then
wscript.echo "Is a member of Domain Admins." 
'REM this line to Map Network Drives
'Map network Drives here, UNREM the below lines:
'WSHNetwork.MapNetworkDrive "O:", "\\server1\share"
'WSHNetwork.MapNetworkDrive "Q:", "\\server2\share"
wscript.echo "Is NOT a member of Domain Admins"
End If
Function MemberOf(ObjDict, strKey)
' Given a Dictionary object containing groups to which the user
' is a member of and a group name, then returns True if the group
' is in the Dictionary else return False. 
' Inputs:
' strDict - Input, Name of a Dictionary object
' strKey - Input, Value being searched for in
' the Dictionary object
' Sample Usage:
' If MemberOf(ObjGroupDict, "DOMAIN ADMINS") Then
' wscript.echo "Is a member of Domain Admins."
' End If
MemberOf = CBool(ObjGroupDict.Exists(strKey))
End Function
Function CreateMemberOfObject(strDomain, strUserName)
' Given a domain name and username, returns a Dictionary
' object of groups to which the user is a member of.
' Inputs:
' strDomain - Input, NT Domain name
' strUserName - Input, NT username
Dim objUser, objGroup
Set CreateMemberOfObject = CreateObject("Scripting.Dictionary")
CreateMemberOfObject.CompareMode = vbTextCompare
Set objUser = GetObject("WinNT://" _
& strDomain & "/" _
& strUserName & ",user")
For Each objGroup In objUser.Groups
CreateMemberOfObject.Add objGroup.Name, "-"
Set objUser = Nothing
End Function

Running the Hack

To map drives based on a different user group than Domain Admins modify this line as required:

If MemberOf(ObjGroupDict, "Domain Admins") Then

For example, if you want to map drives based on whether users are members of a global group named Sales use this line instead:

If MemberOf(ObjGroupDict, "Sales") Then

To map drives instead of displaying a message box, comment out the following line:

wscript.echo "Is a member of Domain Admins." 'REM this line to Map Network Drives

and uncomment these lines:

'WSHNetwork.MapNetworkDrive "O:", "\\server1\share" 'WSHNetwork.MapNetworkDrive "Q:", "\\server2\share"

specifying drive letters and UNC paths as appropriate depending on your own networking environment. For example, to map the drive letter K: to a shared folder named Reports on file server use this line instead of the above:

WSHNetwork.MapNetworkDrive "K:", "\\\Reports

Related Articles

1. MS DOS Versus PC DOS
With modern PCs having a very high level of standardization and compatib...

2. How to make your PC Available for Remote Desktop Connection
To use Remote Desktop to reach your computer from the Internet, both the...

3. How to Update DirectX Advantages
Although most Windows applications place fairly low demands on the displ...

4. Using Simple File Sharing in Windows
Although most home users are typically happy letting anyone at any compu...

5. The Evolution of Microsoft Windows The Windows 9x Family
By the mid-1990s, processor power had increased and memory prices had de...

6. How to install Windows and Installation Types
Deciding on the type of installation to perform is dictated by many fact...

All articles in this directory are property of their respective authors.
Contact us | Terms of Service | Privacy Policy

© 2012 - All Rights Reserved.