Find out which group a user referenced within a logon script belongs to.
Logon scripts are useful for mapping drives so that users can store their work files in standard locations on network file servers. It would be nice to be able to map drives based on a user's group membership, and that's what this hack is about. By placing a user's group membership information into a dictionary object, you can quickly find out if a user is a member of a group and then perform actions (such as mapping drives) if they are. The script in this hack allows you to accomplish this and more.
This script quickly checks to see if a user is a member of a particular group. It reads the Member Of tab information for the user account and places it into a dictionary object, because a dictionary object offers fast and easy access to group membership information. If the user is a member of the group specified, a dialog box will tell you so.
To use this script, type it into Notepad (with Word Wrap disabled) and save it with a .vbs extension as CheckMembership.vbs.
Option Explicit ' Force explicit declarations ' ' Variables ' Dim WSHNetwork Dim FSO Dim strUserName ' Current user Dim strUserDomain ' Current User's domain name Dim ObjGroupDict ' Dictionary of groups to which the user belongs Set WSHNetwork = WScript.CreateObject("WScript.Network") Set FSO = CreateObject("Scripting.FileSystemObject") ' ' Wait until the user is really logged in... ' strUserName = "" While strUserName = "" WScript.Sleep 100 ' 1/10 th of a second strUserName = WSHNetwork.UserName Wend strUserDomain = WSHNetwork.UserDomain ' Read the user's account "Member Of" tab info across the network ' once into a dictionary object. Set ObjGroupDict = CreateMemberOfObject(strUserDomain, strUserName) If MemberOf(ObjGroupDict, "Domain Admins") Then wscript.echo "Is a member of Domain Admins." 'REM this line to Map Network Drives 'Map network Drives here, UNREM the below lines: 'WSHNetwork.MapNetworkDrive "O:", "\\server1\share" 'WSHNetwork.MapNetworkDrive "Q:", "\\server2\share" Else wscript.echo "Is NOT a member of Domain Admins" End If Function MemberOf(ObjDict, strKey) ' Given a Dictionary object containing groups to which the user ' is a member of and a group name, then returns True if the group ' is in the Dictionary else return False. ' ' Inputs: ' strDict - Input, Name of a Dictionary object ' strKey - Input, Value being searched for in ' the Dictionary object ' Sample Usage: ' ' If MemberOf(ObjGroupDict, "DOMAIN ADMINS") Then ' wscript.echo "Is a member of Domain Admins." ' End If ' ' MemberOf = CBool(ObjGroupDict.Exists(strKey)) End Function Function CreateMemberOfObject(strDomain, strUserName) ' Given a domain name and username, returns a Dictionary ' object of groups to which the user is a member of. ' ' Inputs: ' ' strDomain - Input, NT Domain name ' strUserName - Input, NT username ' Dim objUser, objGroup Set CreateMemberOfObject = CreateObject("Scripting.Dictionary") CreateMemberOfObject.CompareMode = vbTextCompare Set objUser = GetObject("WinNT://" _ & strDomain & "/" _ & strUserName & ",user") For Each objGroup In objUser.Groups CreateMemberOfObject.Add objGroup.Name, "-" Next Set objUser = Nothing End Function
To map drives based on a different user group than Domain Admins modify this line as required:
If MemberOf(ObjGroupDict, "Domain Admins") Then
For example, if you want to map drives based on whether users are members of a global group named Sales use this line instead:
If MemberOf(ObjGroupDict, "Sales") Then
To map drives instead of displaying a message box, comment out the following line:
wscript.echo "Is a member of Domain Admins." 'REM this line to Map Network Drives
and uncomment these lines:
'WSHNetwork.MapNetworkDrive "O:", "\\server1\share" 'WSHNetwork.MapNetworkDrive "Q:", "\\server2\share"
specifying drive letters and UNC paths as appropriate depending on your own networking environment. For example, to map the drive letter K: to a shared folder named Reports on file server fs3.mtit.com use this line instead of the above:
WSHNetwork.MapNetworkDrive "K:", "\\fs3.mtit.com\Reports"