enumeration of groups 1

[terry712]

not sure if this is best place or on the 2003 server bit.

i have started to use abe on a 2003 server - basically what i want to do is have a root directory called shared and then i was going to give rights to this sya to GLS-server
. rights would just be for this dir and very limitied.

inside the shared directory i would then have all the departmental drive mappings for this server - so abe would mean they can only see the ones that have rights to - each directory is also explicitly controlled by a group

i had hoped to add these sub groups as a member of GLS-server group so that in the script i could basically say if member of gls-server then map y: to server\shared but it cannot enumerate the nested groups

so i have had to just remap each group which is quick long
example below

on error resume next
Set wshNetwork = CreateObject("WScript.Network")

'****************************************************************************

Set ADSysInfo = CreateObject("ADSystemInfo")
Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)
strGroups = Join(CurrentUser.getex("MemberOf"))

strComputerName = wshNetwork.ComputerName

If Instr(1, strGroups, "cn=finance", 1) Then

WsHNetwork.MapNetworkDrive "y:", "\\server\shared"
End If

If Instr(1, strGroups, "cn=payroll", 1) Then

WsHNetwork.MapNetworkDrive "y:", "\\server\shared"
End If

If InStr(1, strGroups, "cn=claims", 1) Then

WsHNetwork.MapNetworkDrive "y:", "\\server\shared"

 

[markdmac]

My login script FAQ has all the code you need to be able to map drives based on group memberships.

faq329-5798

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript

Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.

 

[terry712]

will give it a twirl

and will this handle nested groups

ie in login script if i say member of bertie gls group - the script will take the user even if he in in the bassett group that is a member of the bertie group

 

[markdmac]

It does not handle nested groups. If you wish to do that then you will need to bind to a group and enumerate its members recursively. Several examples have been posted on this site, you might want to do some searching.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript

Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.

 

[terry712]

ok cheers - will have a peak later when a little less busy

thanks

always a pity that you can just transplant your vbs knowledge directly to my cortex

 

[terry712]

i notice that you comment elsewhere that there a large overhead in this kind of recursive search

is it better having the longer messy script that i have rather than do the recursive searching?

 

[markdmac]

By using a select case statement as I demo in my FAQ you can easily clean it up.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript

Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.