Richard
Wed Apr 30 10:14:25 PDT 2008
"Microsoft Newbie" <test@test.com> wrote in message
news:%23bBDUXtqIHA.3568@TK2MSFTNGP04.phx.gbl...
> Hi
>
> I am running a Windows 2000 Domain Controller and have my users organised
> into Organisational Units in Active Directory. Could someone assist me
> with creating a login script that maps network drives to the differing
> OUs.
>
> Thanks
I think you mean that you want to map a different share depending on the OU
the user object resides in. For example, everyone in ou=West will get drive
K: mapped to \\Server\ShareA, while everyone in ou=East will be K: mapped to
\\Server\ShareB. You can accomplish this by having one Group Policy applied
to ou=West and another applied to ou=East. There would be no need in the
script to check which OU the user object resides in. Simply map the correct
share. For example, the logon script applied to ou=West might be similar to:
==========
Option Explicit
Dim objNetwork
Set objNetwork = CreateObject("Wscript.Network")
' Trap error if drive already mapped.
On Error Resume Next
objNetwork.MapNetworkDrive "K:", "\\Server\ShareA"
If (Err.Number <> 0) Then
' Error raised, attempt to remove existing drive mapping.
objNetwork.RemoveNetworkDrive "K:", True, True
' Make another attempt to map the drive.
objNetwork.MapNetworkDrive "K:", "\\Server\ShareA"
(If Err.Number <> 0) Then
' Alert the user that K: cannot be mapped.
Call MsgBox("Unable to map drive K:")
End If
End If
On Error GoTo 0
========
If you want one Group Policy for the domain and one logon script, then the
script will need to check the OU. However, that is not simple. The most
reliable method is to bind to the user object and use the Parent method to
retrieve the AdsPath of the parent container/OU. You would check for the
AdsPath of the OU. Just checking the Relative Distinguished Name of the OU
(the "name" of the OU) can be flawed, as it may not uniquely identify the
OU. For example:
=============
Option Explicit
Dim objSysInfo, strUserDN, objUser, strParent
Dim objNetwork
Set objNetwork = CreateObject("Wscript.Network")
' Bind to user object.
Set objSysInfo = CreateObject("ADSystemInfo")
strUserDN = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUserDN)
' Retrieve AdsPath of parent container/OU.
strParent = objUser.Parent
' Check for OU, using full AdsPath of the OU.
If (strParent = "LDAP://ou=West,ou=Sales,dc=MyDomain,dc=com") Then
' Trap error if drive already mapped.
On Error Resume Next
objNetwork.MapNetworkDrive "K:", "\\Server\ShareA"
If (Err.Number <> 0) Then
' Error raised, attempt to remove existing drive mapping.
objNetwork.RemoveNetworkDrive "K:", True, True
' Make another attempt to map the drive.
objNetwork.MapNetworkDrive "K:", "\\Server\ShareA"
(If Err.Number <> 0) Then
' Alert the user that K: cannot be mapped.
Call MsgBox("Unable to map drive K:")
End If
End If
On Error GoTo 0
End If
============
You could have a separate If/Then/End If structure for each OU, or use a
Select Case. For assistance configuring the logon script, see this link:
http://www.rlmueller.net/LogonScriptFAQ.htm
--
Richard Mueller
MVP Directory Services
Hilltop Lab -
http://www.rlmueller.net
--