OK, so I haven’t had a chance to finish up either of the two posts I’ve been working on, so to start I’m merging them into one larger MDT post. Secondly, however, I’ve also been working with a friend of mine on creating a logon script for his environment that will replace a certain other tool they are using for logon management for their mix of 9x and 2000 workstations. They’re slowly upgrading their back-end environment in preparation for a migration to Windows 7 on the clients, and they wanted to see if they could move from <product> to logon scripts and group policy (they are going to be using MDT and SCCM for deployment and lifecycle management). They had to try and completely replace their current solution with group policy and a logon script (or scripts), and this has been accomplished.
Since this project took almost 2 weeks to complete, test, and roll out to the test environment, I decided to post it here just in case anyone else found it useful. The starting framework and the progress bar .exe I have linked for anyone who wanted to see the roots from which this beast rose, and a download location for the progressbar binary ultimately used for this as well.
Progress bar code / binary from:
www.devenezia.com/downloads/ppb/index.html
Original source template from
www.anonymoos.com/scripting/logonscript.txt
Here it is, in all it’s… glory?:
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// \\
'// NAME: profile-based-testlogon.vbs \\
'// \\
'// Original: http://www.cluberti.com/blog \\
'// Last Update: 18th January 2010, Carl Luberti \\
'// Version: 2.5 \\
'// \\
'// \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Configure Script Parameters
Option Explicit
Dim strLogName, bolWriteLog, bolManagePrinters, bolEnableCrossDomain, strScriptVer
strLogName = "script.log" ' Filename of log to write to in the %userprofile% folder.
strScriptVer = "20th October 2009, v2.5" ' Version to write in log
bolWriteLog = True ' Toggles log-writing - True for on, False for off.
bolManagePrinters = True ' Set this to False to disable printer management
bolEnableCrossDomain = True ' Toggles Cross Domain AuThentication. Reads registry to obtain NetBIOS domain for the machine.
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Gather User/Machine/Domain Info
Dim objNetwork, objDrives, objPrinters, objDict, objComputer, objShell, objShellApp, objFileSystem, objLogFile, objRootDSE, objTrans
Dim strComputerName, strDomain, strUser, strAdsPath, strNetBIOSDomain, strDNSDomain, strTemp, strLogPath, strUserOU, intPrinter, intNetLetter, i
Dim objFSO, objFiles, intCount
Dim strFile, strName, strDirectory, strTempFolder, strUserProfile, strExt, strProgressBarExe
Dim strOSVer
Dim objUserProfile, objTempFolder, objWMIService
Dim objUser
Set objNetwork = WScript.CreateObject("Wscript.Network")
Set objShell = WScript.CreateObject("WScript.Shell")
Set objShellApp = CreateObject("Shell.Application")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objDrives = objNetwork.EnumNetworkDrives
Set objPrinters = objNetwork.EnumPrinterConnections
strUserProfile = objShell.ExpandEnvironmentStrings("%userprofile%")
strTempFolder = objShell.ExpandEnvironmentStrings("%temp%")
Set objUserProfile = objFSO.GetFolder(strUserProfile)
Set objTempFolder = objFSO.GetFolder(strTempFolder)
strComputerName = objNetwork.ComputerName
strDomain = objNetwork.UserDomain
strUser = objNetwork.UserName
strAdsPath = strDomain & "/" & strUser
Set objUser = GetObject("WinNT://" & strDomain & "/" & strUser)
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Cross-Domain login check
If bolEnableCrossDomain Then
On Error Resume Next
strNetBIOSDomain = objShell.RegRead _
("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName")
If Not Err.Number = 0 Then
'do nothing
End If
On Error Goto 0
Else
strNetBIOSDomain = strDomain
End If
'//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Start Login Script Work
Set objComputer = GetObject("WinNT://" & strDomain & "/" & strComputerName & ",computer")
strTemp = objshell.ExpandEnvironmentStrings("%userprofile%")
strLogPath = strTemp & "\" & strLogName '"
Set objFileSystem = WScript.CreateObject("Scripting.FileSystemObject")
If bolWriteLog Then 'initialize log file
On Error Resume Next
Set objLogFile = objFileSystem.OpenTextFile(strLogPath, 2, True) '"
WriteLog "#####################################################"
WriteLog "############### Start Login Script ##################"
WriteLog "#####################################################"
WriteLog ""
objLogFile.WriteLine(Now() & ": Log: Logon script version " & strScriptVer )
WriteLog ""
If Not Err.Number = 0 Then
msgbox "There was a problem opening the log file for writing." & chr(10) & _
"Please check whether """ & strLogPath & """ is a valid file and can be opened for writing." & _
chr(10) & chr(10) & "If you're not sure what to do, please contact your support person.",vbCritical, "Logon Script Error"
WScript.quit
End If
On Error Goto 0
End If
'//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Copy Progressbar.exe to %userprofile%:
WriteLog "----------- Checking for progressbar.exe ------------"
WriteLog ""
strProgressBarExe = strUserProfile & "\progressbar.exe"
If (objFSO.FileExists(strProgressBarExe)) Then
objLogFile.WriteLine(Now() & ": Success: Progressbar.exe exists in %userprofile%, continuing")
WriteLog ""
Else
objLogFile.WriteLine(Now() & ": Log: Progressbar.exe does not exist in %userprofile%, copying:")
FileCopy "\\domain.tld\netlogon\progressbar.exe", "" & strUserProfile & "\"
WriteLog ""
End If
'Write final empty log line for section
WriteLog ""
'//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Configure trusted sites on every login:
WriteLog "------------- Setting Trusted Sites List ------------"
WriteLog ""
Run "regedit /s \\domain.tld\netlogon\trustedsites.reg"
WriteLog ""
'Write final empty log line for section
WriteLog ""
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ############################################################################### \\
'// ################################ INSTRUCTIONS ################################# \\
'// ############################################################################### \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'Check for OS Version with IsOSVer:
'isOSVer will write an entry in the log when run
'If IsOSVer("Full OS Version") Then
'commands here
'End If
'Check for user group membership with isMember:
'isMember will write an entry in the log file when a user is in the group
'If isMember("groupname") Then
' commands here
'End If
'Check for computer group membership with isComputerMember:
'isComputerMember will write an entry in the log file when a computer is in the group
'If isComputerMember("groupname") Then
' commands here
'End If
'Check for user OU group membership with isOUMember:
'isOUMember will write an entry in the log file when a user is in the OU
'If isOUMember("OUName") Then
' commands here
'End If
'Check the computer running the script for a specific IP address with isThisIP:
'If isThisIP("172.23.0.5") Then
' commands here
'End If
'isThisIP will write log file entries when logging is enabled. Requires WMI.
'Check the computer running the script for a specific IP address with isThisMachine:
'If isThisMachine("ComputerName") Then
' commands here
'End If
'isThisMachine will write log file entries when logging is enabled. Requires WMI.
'Map drives with DriveMapper:
'DriveMapper "Drive:", "\\Server\share"
'Add Printers with AddPrinter:
'AddPrinter "\\Server\Printername"
'Set a default printer with SetPrinterDefault (printer has to exist, or this will not work)
'SetPrinterDefault "\\Server\Printername"
'Remove Printers with RemovePrinter:
'RemovePrinter "\\Server\Printername"
'Remove All Printers from a Server with RemovePrintersFromServer. Handy when you retire a windows print server.
'RemovePrintersFromServer "Servername"
'Execute any file with Run:
'Run "c:\windows\notepad.exe"
'Run "\\server\share\script.vbs"
'Copy files with FileCopy(source, target):
'FileCopy "\\server\share\*.txt", "c:\temp\"
'NOTE: copies are not recursive, and wildcards can only exists in the file level.
'NOTE: The user running the script must have permission to write AND DELETE files in the target location
'Write an entry to the log file with WriteLog():
'WriteLog("some text here")
'Write an entry to the registry file with RegWrite:
'RegWrite "Reg value to change, Reg data to have entered into the value, Reg value type"
'Set user environment variables with PutEnv:
'PutEnv "Variablename", "VariableValue"
'A log file will be placed in the user's temp directory and will be named to the ScriptLogName variable set above.
'Interact with the logon script Progress Bar with ProgressBar:
'ProgressBar("parameters here")
'Fully documented here: http://www.devenezia.com/downloads/ppb/index.html
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ############################################################################### \\
'// ############################# Change Script Below ############################# \\
'// ############################################################################### \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'//
'// Checking OS Version:
WriteLog "---------------- Checking OS Version ----------------"
WriteLog ""
If IsOSVer("5.0.2195") Then
If bolWriteLog Then
WriteLog "OS is Windows 2000"
strOSVer = "2000"
WriteLog ""
WriteLog ""
WScript.sleep 5000
Run "\\domain.tld\netlogon\oldlogonscript.bat"
WScript.Quit
End If
End If
If IsOSVer("5.1.2600") Then
If bolWriteLog Then WriteLog "OS is Windows XP"
strOSVer = "XP"
WriteLog ""
WriteLog ""
' WScript.sleep 5000
' Run "\\domain.tld\netlogon\oldlogonscript.bat"
' WScript.Quit
End If
End If
If IsOSVer("5.2.3790") Then
If bolWriteLog Then
WriteLog "OS is Windows Server 2003"
strOSVer = "2003"
WriteLog ""
WriteLog ""
' WScript.sleep 5000
' Run "\\domain.tld\netlogon\oldlogonscript.bat"
' WScript.Quit
End If
End If
If IsOSVer("6.1.7600") Then
strOSVer = "7 / 2008 R2 RTM"
WriteLog ""
If bolWriteLog Then
WriteLog "OS is Windows 7 / Server 2008 R2 RTM"
End If
End If
If IsOSVer("6.0.6002") Then
strOSVer = "Vista / 2008 SP2"
WriteLog ""
If bolWriteLog Then
WriteLog "OS is Windows Vista / Server 2008 SP2"
End If
End If
If IsOSVer("6.0.6001") Then
strOSVer = "Vista / 2008 SP1"
WriteLog ""
If bolWriteLog Then
WriteLog "OS is Windows Vista / Server 2008 SP1"
End If
End If
If IsOSVer("6.0.6000") Then
strOSVer = "Vista RTM"
WriteLog ""
If bolWriteLog
Then WriteLog "OS is Windows Vista RTM"
End If
End If
'Write final empty log line for section
WriteLog ""
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ############################### Global Settings ############################### \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Create Login Progress Bar application:
ProgressBar("Create ""Login Script")
WScript.sleep 100
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Synchronize PC's time with a domain controller:
ProgressBar("SetText 1 ""Setting time")
WScript.sleep 100
WriteLog "------------- Configuring Machine Time --------------"
WriteLog ""
objShell.run "net time /domain: " & strDomain & " /set /yes", 0, TRUE
If Err.Number = 0 Then
objLogFile.WriteLine(Now() & ": Success: Machine time for computer " & strComputerName & " synchronized with " & strDomain & " domain" )
Else
objLogFile.WriteLine(Now() & ": Failure: Machine time for computer " & strComputerName & " not synchronized with " & strDomain & " domain" )
End If
WriteLog ""
ProgressBar("SetPos 1 5")
WScript.sleep 300
'Write final empty log line for section
WriteLog ""
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// #################### Settings based on user/group/machine ##################### \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Remove mapped drives and printers before continuing:
ProgressBar("SetText 1 ""Removing old mapped drives and printers")
ProgressBar("SetPos 1 20")
On Error Resume Next
For i = 0 to objDrives.Count - 1 Step 2
'WScript.Echo objDrives.Item(i+1)
objNetwork.RemoveNetworkDrive objDrives.Item(i),True,True
Next
WScript.sleep 600
On Error Resume Next
For i = 0 to objPrinters.Count - 1 Step 2
'WScript.Echo objPrinters.Item(i+1)
objNetwork.RemovePrinterConnection objPrinters.Item(i+1)
Next
WScript.sleep 600
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Skip printer mappings If the computer is a member of a specific group:
If IsComputerMember("PrintServers") Then
bolManagePrinters = False
writeLog "Printer Management Disabled for Terminal Servers"
' Exclude anyone logging on to a print server from creating printers.
End If
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Domain Users Domain Group check:
On Error Resume Next
If isMember("Domain Users") Then
WriteLog ""
WriteLog "Processing 'Domain Users' Script Profile"
WriteLog ""
WriteLog "---------------- Profile Redirection ----------------"
WriteLog ""
ProgressBar("SetText 1 ""Redirecting Domain Users folders")
WScript.sleep 100
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Cookies" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Desktop" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Favorites" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\History", "\\FILESERVER\Profiles$\Windows\" & strUser & "\History" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Recent" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal", "\\FILESERVER\Profiles$\Windows\" & strUser , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Music", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Music" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Pictures", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Pictures" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Video", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Video" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{374DE290-123F-4565-9164-39C4925E467B}", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Downloads" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData", "\\FILESERVER\Profiles$\Windows\" & strUser & "\AppData" , "REG_EXPAND_SZ"
ProgressBar("SetPos 1 25")
WScript.sleep 300
WriteLog ""
WriteLog "------------------ Drive Mappings -------------------"
WriteLog ""
ProgressBar("SetText 1 ""Mapping Domain Users drives")
WScript.sleep 100
DriveMapper "H:", "\\FILESERVER\Home$\Windows\" & strUser , "Home"
DriveMapper "L:", "\\FILESERVER\Profiles$\Windows\" & strUser , "Profile"
DriveMapper "P:", "\\FILESERVER\Public", "Public"
DriveMapper "S:", "\\FILESERVER\Applications$", "Apps"
DriveMapper "V:", "\\FILESERVER\system$", "Access System Files"
WriteLog ""
WriteLog ""
ProgressBar("SetPos 1 30")
WScript.sleep 300
If isMember("Quick Books") Then
ProgressBar("SetText 1 ""Mapping Quick Books drives")
WScript.sleep 100
WriteLog ""
DriveMapper "Q:", "\\FILESERVER\QuickBooks$"
objShellApp.NameSpace(qDrive).Self.Name = "QuickBooks"
WriteLog ""
ProgressBar("SetPos 1 40")
WScript.sleep 300
End If
WriteLog ""
WriteLog "----------------- Printer Mappings ------------------"
WriteLog ""
If isOUMember("North Campus") Then
ProgressBar("SetText 1 ""Mapping North Campus printers")
WScript.sleep 100
WriteLog ""
AddPrinter "\\PRINTSERVER\PRINTER01"
AddPrinter "\\PRINTSERVER\PRINTER02"
AddPrinter "\\PRINTSERVER\PRINTER04"
AddPrinter "\\PRINTSERVER\PRINTER05"
SetPrinterDefault "\\PRINTSERVER\PRINTER02"
WriteLog ""
WriteLog ""
ProgressBar("SetPos 1 52")
WScript.sleep 300
If isMember("Accounting") Then
ProgressBar("SetText 1 ""Mapping Accounting printers")
WScript.sleep 100
WriteLog ""
AddPrinter "\\PRINTSERVER\PRINTER06"
'SetPrinterDefault "\\PRINTSERVER\PRINTER06"
WriteLog ""
ProgressBar("SetPos 1 54")
WScript.sleep 300
End If
If isUser("usera") Then
ProgressBar("SetText 1 ""Mapping usera's printers")
WScript.sleep 100
WriteLog ""
AddPrinter "\\PRINTSERVER\PRINTER03"
SetPrinterDefault "\\PRINTSERVER\PRINTER03"
WriteLog ""
ProgressBar("SetPos 1 58")
WScript.sleep 300
End If
End If
If isOUMember("South Campus") Then
ProgressBar("SetText 1 ""Mapping South Campus printers")
WScript.sleep 100
WriteLog ""
AddPrinter "\\PRINTSERVER\PRINTER01"
AddPrinter "\\PRINTSERVER\PRINTER02"
AddPrinter "\\PRINTSERVER\PRINTER04"
AddPrinter "\\PRINTSERVER\PRINTER05"
SetPrinterDefault "\\PRINTSERVER\PRINTER01"
WriteLog ""
WriteLog ""
ProgressBar("SetPos 1 60")
WScript.sleep 300
If isMember("Accounting") Then
ProgressBar("SetText 1 ""Mapping Accounting printers")
WScript.sleep 100
WriteLog ""
AddPrinter "\\PRINTSERVER\PRINTER06"
SetPrinterDefault "\\PRINTSERVER\PRINTER06"
WriteLog ""
ProgressBar("SetPos 1 62")
WScript.sleep 300
End If
If isUser("userb") Then
ProgressBar("SetText 1 ""Mapping userb's printers")
WScript.sleep 100
WriteLog ""
AddPrinter "\\PRINTSERVER\PRINTER03"
WriteLog ""
ProgressBar("SetPos 1 66")
WScript.sleep 300
End If
End If
WriteLog ""
WriteLog "----------------- Registry Policies -----------------"
WriteLog ""
ProgressBar("SetText 1 ""Setting profile policies")
WScript.sleep 100
'Internet Explorer
'Disable Internet Connection Wizard:
RegWrite "HKCU\Software\Microsoft\Internet Connection Wizard\Completed", "1", "REG_DWORD"
'Disable changing proxy settings:
RegWrite "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Proxy", "1", "REG_DWORD"
'Disable Reset Web Settings feature:
RegWrite "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\ResetWebSettings", "1", "REG_DWORD"
'Disable automatic check for software updates:
RegWrite "HKCU\Software\Microsoft\Internet Explorer\Main\NoUpdateCheck", "1", "REG_DWORD"
'System
'Require alphanumeric password:
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Network\AlphanumPwds", "1", "REG_DWORD"
'No workgroup contents in network neighborhood:
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoWorkgroupContents", "1", "REG_DWORD"
'Hide L, N, S, and V drive letters:
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives", &H00242800, "REG_DWORD"
WriteLog ""
ProgressBar("SetPos 1 75")
WScript.sleep 300
End If
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Domain Admins Domain Group check:
If isMember("Domain Admins") Then
WriteLog ""
WriteLog "Processing 'Domain Admins' Script Profile"
WriteLog ""
ProgressBar("SetText 1 ""Redirecting Domain Admins folders")
WScript.sleep 100
WriteLog ""
WriteLog "---------------- Profile Redirection ----------------"
WriteLog ""
If isUser("otheradmin") Then
ProgressBar("SetText 1 ""Redirecting otheradmin's folders")
WScript.sleep 100
WriteLog ""
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Cookies" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Desktop" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Favorites" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\History", "\\FILESERVER\Profiles$\Windows\" & strUser & "\History" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Recent" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal", "\\FILESERVER\Profiles$\Windows\" & strUser , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Music", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Music" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Pictures", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Pictures" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Video", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Video" , "REG_EXPAND_SZ"
'RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{374DE290-123F-4565-9164-39C4925E467B}", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Downloads" , "REG_EXPAND_SZ"
'RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData", "\\FILESERVER\Profiles$\Windows\" & strUser & "\AppData" , "REG_EXPAND_SZ"
WriteLog ""
WScript.sleep 300
Else
ProgressBar("SetText 1 ""Redirecting Domain Admins folders")
WScript.sleep 100
WriteLog ""
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies", "%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop", "%USERPROFILE%\Desktop" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites", "%USERPROFILE%\Favorites" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\History", "%USERPROFILE%\AppData\Local\Microsoft\Windows\History" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent", "%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal", "%USERPROFILE%\Documents" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Music", "%USERPROFILE%\Music" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Pictures", "%USERPROFILE%\Pictures" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Video", "%USERPROFILE%\Videos" , "REG_EXPAND_SZ"
'RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{374DE290-123F-4565-9164-39C4925E467B}", "%USERPROFILE%\Downloads" , "REG_EXPAND_SZ"
RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData", "%USERPROFILE%\AppData\Roaming" , "REG_EXPAND_SZ"
WriteLog ""
WScript.sleep 300
End If
ProgressBar("SetPos 1 25")
WScript.sleep 300
WriteLog ""
WriteLog "------------------ Drive Mappings -------------------"
WriteLog ""
ProgressBar("SetText 1 ""Mapping Domain Admins drives")
WScript.sleep 100
DriveMapper "H:", "\\FILESERVER\Home$\Windows\" & strUser , "Home"
DriveMapper "L:", "\\FILESERVER\Profiles$\Windows\" & strUser , "Profile"
DriveMapper "M:", "\\FILESERVER\adminshare$", "Admin"
DriveMapper "P:", "\\FILESERVER\Public", "Public"
DriveMapper "Q:", "\\FILESERVER\QuickBooks$", "QuickBooks"
DriveMapper "S:", "\\FILESERVER\Applications$", "Apps"
DriveMapper "V:", "\\FILESERVER\system$", "MS Access System Files"
WriteLog ""
WriteLog ""
ProgressBar("SetPos 1 50")
WScript.sleep 300
ProgressBar("SetText 1 ""Mapping Domain Admins printers")
WScript.sleep 100
WriteLog ""
WriteLog "----------------- Printer Mappings ------------------"
WriteLog ""
AddPrinter "\\PRINTSERVER\PRINTER01"
AddPrinter "\\PRINTSERVER\PRINTER06"
AddPrinter "\\PRINTSERVER\PRINTER02"
AddPrinter "\\PRINTSERVER\PRINTER03"
AddPrinter "\\PRINTSERVER\PRINTER04"
AddPrinter "\\PRINTSERVER\PRINTER05"
SetPrinterDefault "\\PRINTSERVER\PRINTER01"
WriteLog ""
WriteLog ""
ProgressBar("SetPos 1 70")
WScript.sleep 300
If isOUMember("North Campus") Then
ProgressBar("SetText 1 ""Mapping North Campus printers")
WScript.sleep 100
WriteLog ""
SetPrinterDefault "\\PRINTSERVER\PRINTER02"
WriteLog ""
ProgressBar("SetPos 1 72")
WScript.sleep 300
End If
If isOUMember("South Campus") Then
ProgressBar("SetText 1 ""Mapping South Campus printers")
WScript.sleep 100
WriteLog ""
SetPrinterDefault "\\PRINTSERVER\PRINTER01"
WriteLog ""
ProgressBar("SetPos 1 75")
WScript.sleep 300
End If
ProgressBar("SetText 1 ""Setting Domain Admins Registry Policies")
WScript.sleep 100
WriteLog ""
WriteLog "----------------- Registry Policies -----------------"
WriteLog ""
WriteLog "No policies written for Domain Admins"
WriteLog ""
ProgressBar("SetPos 1 80")
WScript.sleep 300
End If
'Write final empty log line for section
WriteLog ""
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ############################ Temp File Cleanup ################################ \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Delete files from temp directory:
WriteLog "---------------- Deleting Temp Files ----------------"
WriteLog ""
ProgressBar("SetText 1 ""Cleaning up")
WScript.sleep 100
intcount = 0
Set objFiles = objTempFolder.Files
For Each strFile In objFiles
On Error Resume Next
strFile.delete
intCount = intCount +1
Next
WriteLog intCount & " temp files were deleted"
ProgressBar("SetPos 1 95")
WScript.sleep 300
'Write final empty log line for section
WriteLog ""
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
'// ############################################################################### \\
'// ################## ^^^^^^^^^^ CHANGE SCRIPT ABOVE ^^^^^^^^^^ ################## \\
'// ####################### DO NOT EDIT BELOW THIS SECTION ######################## \\
'// ############################################################################### \\
'//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\
WriteLog ""
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'//
'// Subs and Functions
ProgressBar("SetPos 1 100")
WScript.sleep 100
ProgressBar("SetText 1 ""Login script finished")
WScript.sleep 2000
ProgressBar("shutdown")
WriteLog "#####################################################"
WriteLog "################ End Login Script ###################"
WriteLog "#####################################################"
Set objNetwork = Nothing
Set objDrives = Nothing
Set objComputer = Nothing
Set objShell = Nothing
Set objFileSystem = Nothing
Set objLogFile = Nothing
Set objFSO = nothing
Set strFile = nothing
Set objFiles = nothing
Wscript.Quit
Function IsOSVer(sOSVer)
On Error Resume Next
Dim sThisComputer, oWMIService, cItems, oItem, sVer, intComparison
sThisComputer = "."
Set oWMIService = GetObject("winmgmts:\\" & sThisComputer & "\root\cimv2")
Set cItems = oWMIService.ExecQuery("Select * from Win32_OperatingSystem",,48)
For Each oItem In cItems
intComparison = StrComp(oItem.Version ,sOSVer ,1)
If intComparison = 0 Then
isOSVer = True
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: OS Version is " & sOSVer )
End If
Exit Function
Else
isOSVer = False
End If
Next
End Function
Function IsUser(sUser)
Dim intComparison
intComparison = StrComp(strUser ,sUser ,1)
If intComparison = 0 Then
IsUser = True
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: User is " & strUser)
End If
Exit Function
Else
IsUser = False
End If
End Function
Function IsMember(sGroup)
Dim oDict, oUser, oGroup
If IsEmpty(oDict) Then
Set oDict = CreateObject("Scripting.Dictionary")
oDict.CompareMode = vbTextCompare
Set oUser = GetObject("WinNT://" & strAdsPath & ",user")
For Each oGroup In oUser.Groups
oDict.Add oGroup.Name, "-"
Next
Set oUser = Nothing
End If
IsMember = CBool(oDict.Exists(sGroup))
If IsMember And bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: User is member of " & sGroup)
End If
End Function
Function IsOUMember(sOU)
Dim oConnection, oCommand, oRecordSet
Dim strDN, arrPath, intLength, intNameLength, intComparison
Const ADS_SCOPE_SUBTREE = 2
Set oConnection = CreateObject("ADODB.Connection")
Set oCommand = CreateObject("ADODB.Command")
oConnection.Provider = "ADsDSOObject"
oConnection.Open "Active Directory Provider"
Set oCommand.ActiveConnection = oConnection
oCommand.Properties("Page Size") = 1000
oCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
oCommand.CommandText = _
"SELECT distinguishedName FROM 'LDAP://dc=DOMAIN,dc=to'WHERE objectCategory='user'AND sAMAccountName='" & strUser & "'"
Set oRecordSet = oCommand.Execute
oRecordSet.MoveFirst
Do Until oRecordSet.EOF
strDN = oRecordSet.Fields("distinguishedName").Value
arrPath = Split(strDN, ",")
intLength = Len(arrPath(1))
intNameLength = intLength - 3
strUserOU = Right(arrPath(1), intNameLength)
oRecordSet.MoveNext
Loop
intComparison = StrComp(strUserOU ,sOU ,1)
If intComparison = 0 Then
IsOUMember = True
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: User is a member of " & strUserOU)
End If
Exit Function
Else
IsOUMember = False
End If
End Function
Function IsComputerMember(sGroup)
Dim oGroup
On Error Resume Next
Set oGroup = GetObject("WinNT://" & strDomain & "/" & sGroup & ",group")
IsComputerMember = CBool(oGroup.IsMember(objComputer.ADsPath & "$"))
If IsComputerMember And bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Computer is member of " & sGroup)
Set oGroup = Nothing
If Not Err.Number = 0 Then
'nothing to see here, move along
End If
End If
On Error Goto 0
End Function
Sub WriteLog(sEntry)
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Log: " & sEntry)
End If
End Sub
Sub DriveMapper(sDrive, sShare, sName)
On Error Resume Next
objNetwork.MapNetworkDrive sDrive, sShare
If Err.Number = 0 Then
objShellApp.NameSpace(sDrive).Self.Name = sName
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Connect """ & sDrive & """ to share """ & sShare & """ with name """ & sName & """")
End If
Else
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Log: Unable to connect """ & sDrive & """ to share """ & sShare & """ with name """ & sName & """")
End If
On Error Goto 0
End Sub
Sub AddPrinter(sPrinterUNC)
On Error Resume Next
If Not bolManagePrinters Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Printer connection skipped because disabled (" & _
strUser & " on " & strComputerName & ")")
End If
Else
objNetwork.AddWindowsPrinterConnection sPrinterUNC
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Connect to printer: " & sPrinterUNC)
End If
Else
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Failed: Connect to printer: " & sPrinterUNC)
End If
End If
End If
On Error Goto 0
End Sub
Sub RemovePrinter(sPrinterUNC)
If Not bolManagePrinters Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Printer connection skipped because disabled (" & _
strUser & " on " & strComputerName & ")")
End If
Else
Dim oPrinters
Set oPrinters = objNetwork.EnumPrinterConnections
For i = 0 To oPrinters.Count - 1 Step 2
If uCase(oPrinters.Item(i+1)) = uCase(sPrinterUNC) Then
On Error Resume Next
objNetwork.RemovePrinterConnection sPrinterUNC, True, True
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Remove printer: " & sPrinterUNC)
Else
If bolWriteLog Then\
objLogFile.WriteLine(Now() & ": Failed: Remove printer: " & sPrinterUNC)
End If
On Error Goto 0
Exit Sub
End If
Next
End If
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Remove printer: " & sPrinterUNC & " (Printer did not exist)" )
End If
End Sub
Sub RemovePrintersFromServer(sServerName)
If Not bolManagePrinters Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Printer connection skipped because disabled (" & _
strUser & " on " & strComputerName & ")")
End If
Else
Dim oPrinters, aPrinter
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Removing all printers from: " & ucase(sServerName))
Set oPrinters = objNetwork.EnumPrinterConnections
For i = 0 to oPrinters.Count - 1 Step 2
On Error Resume Next
aPrinter = split(uCase(oPrinters.Item(i+1)),"\",-1, 1) '"
If Not UBound(aPrinter) = 0 Then 'this is not a local printer, process code
If aPrinter(2) = ucase(sServerName) Then
objNetwork.RemovePrinterConnection oPrinters.Item(i+1), True, True
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Remove printer: " & oPrinters.Item(i+1))
End If
Else
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Failed: Remove printer: " & oPrinters.Item(i+1))
End If
End If
End If
End If
aPrinter = ""
On Error Goto 0
Next
End If
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Removed all printers from: " & ucase(sServerName))
End If
End If
End Sub
Sub SetPrinterDefault(sPrinterUNC)
On Error Resume Next
If Not bolManagePrinters Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Default printer to " & sPrinterUNC & _
" skipped because disabled (" & strUser & " on " & strComputerName & ")")
Else
objNetwork.SetDefaultPrinter sPrinterUNC
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Set as Default: " & sPrinterUNC)
End If
Else
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Failed: Set as Default: " & sPrinterUNC)
End If
End If
End If
On Error Goto 0
End Sub
Sub PutEnv(sName, sValue)
Dim oEnv
Set oEnv = objShell.Environment("USER")
oEnv(sName) = sValue
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Set user variable """ & sName & """ to: """ & sValue & """")
End If
Set oEnv = Nothing
End Sub
Sub Run(ByVal sFile)
On Error Resume Next
'objShell.Run Chr(34) & sFile & Chr(34), 1, False
objShell.Run sFile, 1, False
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Execute: " & sFile)
End If
Else
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Failed: Execute: " & sFile & " with error " & Err.Number)
End If
End If
On Error Goto 0
End Sub
Sub FileCopy(sSource, sTarget)
On Error Resume Next
objFileSystem.CopyFile sSource, sTarget
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Copy: " & sSource & " to " & sTarget)
End If
Else
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Failed: Copy: " & sSource & " to " & sTarget)
End If
End If
On Error Goto 0
End Sub
Sub RegWrite(sRegValue, sRegData, sRegType)
On Error Resume Next
objShell.Regwrite sRegValue, sRegData, sRegType
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Reg value " & sRegValue & " set to " & sRegData & " as type " & sRegType )
End If
Else
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Failed: Reg value " & sRegValue & " not set to " & sRegData)
End If
End If
On Error Goto 0
End Sub
Function isThisIP(sThisAddress)
On Error Resume Next
Dim sThisComputer, oWMIService, cItems, oItem ,sAddress
sThisComputer = "."
Set oWMIService = GetObject("winmgmts:\\" & sThisComputer & "\root\cimv2")
Set cItems = oWMIService.ExecQuery ("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True")
For Each oItem In cItems 'cycle all adapters
'objItem.MACAddress 'this is the mac address, just in case
For Each sAddress In oItem.IPAddress 'cycle all ip addresses for this adapter
If sAddress = sThisAddress Then
isThisIP = True
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Found IP " & sThisAddress )
Exit function
End If
End If
Next
Next
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Did not find IP " & sThisAddress )
End If
Else
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Failed: An error occurred looking for IP " & sThisAddress )
End If
End If
isThisIP = False
On Error goto 0
End Function
Function isThisMachine(sThisMachine)
On Error Resume Next
If sThisMachine = strComputer Then
isThisMachine = True
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Machine name is " & sThisMachine )
Exit function
End If
End If
If Err.Number = 0 Then
If bolWriteLog Then
objLogFile.WriteLine(Now() & ": Success: Machine name is not " & sThisMachine )
End If
Else
'nothing to see here, move along
End If
isThisMachine = False
On Error goto 0
End Function
Sub ProgressBar(params)
objShell.Run """" & strUserProfile & "\progressbar.exe"" " & params
End Sub