OK, so I haven’t had a chance to finish up either of the two posts I’ve been working on, so to start I’m merging them into one larger MDT post. Secondly, however, I’ve also been working with a friend of mine on creating a logon script for his environment that will replace a certain other tool they are using for logon management for their mix of 9x and 2000 workstations. They’re slowly upgrading their back-end environment in preparation for a migration to Windows 7 on the clients, and they wanted to see if they could move from <product> to logon scripts and group policy (they are going to be using MDT and SCCM for deployment and lifecycle management). They had to try and completely replace their current solution with group policy and a logon script (or scripts), and this has been accomplished.
Since this project took almost 2 weeks to complete, test, and roll out to the test environment, I decided to post it here just in case anyone else found it useful. The starting framework and the progress bar .exe I have linked for anyone who wanted to see the roots from which this beast rose, and a download location for the progressbar binary ultimately used for this as well.
Progress bar code / binary from:
www.devenezia.com/downloads/ppb/index.html
Original source template from
www.anonymoos.com/scripting/logonscript.txt
Here it is, in all it’s… glory?:
'// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// \\ '// NAME: profile-based-testlogon.vbs \\ '// \\ '// Original: http://www.cluberti.com/blog \\ '// Last Update: 18th January 2010, Carl Luberti \\ '// Version: 2.5 \\ '// \\ '// \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Configure Script Parameters Option Explicit Dim strLogName, bolWriteLog, bolManagePrinters, bolEnableCrossDomain, strScriptVer strLogName = "script.log" ' Filename of log to write to in the %userprofile% folder. strScriptVer = "20th October 2009, v2.5" ' Version to write in log bolWriteLog = True ' Toggles log-writing - True for on, False for off. bolManagePrinters = True ' Set this to False to disable printer management bolEnableCrossDomain = True ' Toggles Cross Domain AuThentication. Reads registry to obtain NetBIOS domain for the machine. '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Gather User/Machine/Domain Info Dim objNetwork, objDrives, objPrinters, objDict, objComputer, objShell, objShellApp, objFileSystem, objLogFile, objRootDSE, objTrans Dim strComputerName, strDomain, strUser, strAdsPath, strNetBIOSDomain, strDNSDomain, strTemp, strLogPath, strUserOU, intPrinter, intNetLetter, i Dim objFSO, objFiles, intCount Dim strFile, strName, strDirectory, strTempFolder, strUserProfile, strExt, strProgressBarExe Dim strOSVer Dim objUserProfile, objTempFolder, objWMIService Dim objUser Set objNetwork = WScript.CreateObject("Wscript.Network") Set objShell = WScript.CreateObject("WScript.Shell") Set objShellApp = CreateObject("Shell.Application") Set objFSO = CreateObject("Scripting.FileSystemObject") Set objDrives = objNetwork.EnumNetworkDrives Set objPrinters = objNetwork.EnumPrinterConnections strUserProfile = objShell.ExpandEnvironmentStrings("%userprofile%") strTempFolder = objShell.ExpandEnvironmentStrings("%temp%") Set objUserProfile = objFSO.GetFolder(strUserProfile) Set objTempFolder = objFSO.GetFolder(strTempFolder) strComputerName = objNetwork.ComputerName strDomain = objNetwork.UserDomain strUser = objNetwork.UserName strAdsPath = strDomain & "/" & strUser Set objUser = GetObject("WinNT://" & strDomain & "/" & strUser) '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Cross-Domain login check If bolEnableCrossDomain Then On Error Resume Next strNetBIOSDomain = objShell.RegRead _ ("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName") If Not Err.Number = 0 Then 'do nothing End If On Error Goto 0 Else strNetBIOSDomain = strDomain End If '//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Start Login Script Work Set objComputer = GetObject("WinNT://" & strDomain & "/" & strComputerName & ",computer") strTemp = objshell.ExpandEnvironmentStrings("%userprofile%") strLogPath = strTemp & "\" & strLogName '" Set objFileSystem = WScript.CreateObject("Scripting.FileSystemObject") If bolWriteLog Then 'initialize log file On Error Resume Next Set objLogFile = objFileSystem.OpenTextFile(strLogPath, 2, True) '" WriteLog "#####################################################" WriteLog "############### Start Login Script ##################" WriteLog "#####################################################" WriteLog "" objLogFile.WriteLine(Now() & ": Log: Logon script version " & strScriptVer ) WriteLog "" If Not Err.Number = 0 Then msgbox "There was a problem opening the log file for writing." & chr(10) & _ "Please check whether """ & strLogPath & """ is a valid file and can be opened for writing." & _ chr(10) & chr(10) & "If you're not sure what to do, please contact your support person.",vbCritical, "Logon Script Error" WScript.quit End If On Error Goto 0 End If '//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Copy Progressbar.exe to %userprofile%: WriteLog "----------- Checking for progressbar.exe ------------" WriteLog "" strProgressBarExe = strUserProfile & "\progressbar.exe" If (objFSO.FileExists(strProgressBarExe)) Then objLogFile.WriteLine(Now() & ": Success: Progressbar.exe exists in %userprofile%, continuing") WriteLog "" Else objLogFile.WriteLine(Now() & ": Log: Progressbar.exe does not exist in %userprofile%, copying:") FileCopy "\\domain.tld\netlogon\progressbar.exe", "" & strUserProfile & "\" WriteLog "" End If 'Write final empty log line for section WriteLog "" '//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Configure trusted sites on every login: WriteLog "------------- Setting Trusted Sites List ------------" WriteLog "" Run "regedit /s \\domain.tld\netlogon\trustedsites.reg" WriteLog "" 'Write final empty log line for section WriteLog "" '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ############################################################################### \\ '// ################################ INSTRUCTIONS ################################# \\ '// ############################################################################### \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ 'Check for OS Version with IsOSVer: 'isOSVer will write an entry in the log when run 'If IsOSVer("Full OS Version") Then 'commands here 'End If 'Check for user group membership with isMember: 'isMember will write an entry in the log file when a user is in the group 'If isMember("groupname") Then ' commands here 'End If 'Check for computer group membership with isComputerMember: 'isComputerMember will write an entry in the log file when a computer is in the group 'If isComputerMember("groupname") Then ' commands here 'End If 'Check for user OU group membership with isOUMember: 'isOUMember will write an entry in the log file when a user is in the OU 'If isOUMember("OUName") Then ' commands here 'End If 'Check the computer running the script for a specific IP address with isThisIP: 'If isThisIP("172.23.0.5") Then ' commands here 'End If 'isThisIP will write log file entries when logging is enabled. Requires WMI. 'Check the computer running the script for a specific IP address with isThisMachine: 'If isThisMachine("ComputerName") Then ' commands here 'End If 'isThisMachine will write log file entries when logging is enabled. Requires WMI. 'Map drives with DriveMapper: 'DriveMapper "Drive:", "\\Server\share" 'Add Printers with AddPrinter: 'AddPrinter "\\Server\Printername" 'Set a default printer with SetPrinterDefault (printer has to exist, or this will not work) 'SetPrinterDefault "\\Server\Printername" 'Remove Printers with RemovePrinter: 'RemovePrinter "\\Server\Printername" 'Remove All Printers from a Server with RemovePrintersFromServer. Handy when you retire a windows print server. 'RemovePrintersFromServer "Servername" 'Execute any file with Run: 'Run "c:\windows\notepad.exe" 'Run "\\server\share\script.vbs" 'Copy files with FileCopy(source, target): 'FileCopy "\\server\share\*.txt", "c:\temp\" 'NOTE: copies are not recursive, and wildcards can only exists in the file level. 'NOTE: The user running the script must have permission to write AND DELETE files in the target location 'Write an entry to the log file with WriteLog(): 'WriteLog("some text here") 'Write an entry to the registry file with RegWrite: 'RegWrite "Reg value to change, Reg data to have entered into the value, Reg value type" 'Set user environment variables with PutEnv: 'PutEnv "Variablename", "VariableValue" 'A log file will be placed in the user's temp directory and will be named to the ScriptLogName variable set above. 'Interact with the logon script Progress Bar with ProgressBar: 'ProgressBar("parameters here") 'Fully documented here: http://www.devenezia.com/downloads/ppb/index.html '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ############################################################################### \\ '// ############################# Change Script Below ############################# \\ '// ############################################################################### \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// '// Checking OS Version: WriteLog "---------------- Checking OS Version ----------------" WriteLog "" If IsOSVer("5.0.2195") Then If bolWriteLog Then WriteLog "OS is Windows 2000" strOSVer = "2000" WriteLog "" WriteLog "" WScript.sleep 5000 Run "\\domain.tld\netlogon\oldlogonscript.bat" WScript.Quit End If End If If IsOSVer("5.1.2600") Then If bolWriteLog Then WriteLog "OS is Windows XP" strOSVer = "XP" WriteLog "" WriteLog "" ' WScript.sleep 5000 ' Run "\\domain.tld\netlogon\oldlogonscript.bat" ' WScript.Quit End If End If If IsOSVer("5.2.3790") Then If bolWriteLog Then WriteLog "OS is Windows Server 2003" strOSVer = "2003" WriteLog "" WriteLog "" ' WScript.sleep 5000 ' Run "\\domain.tld\netlogon\oldlogonscript.bat" ' WScript.Quit End If End If If IsOSVer("6.1.7600") Then strOSVer = "7 / 2008 R2 RTM" WriteLog "" If bolWriteLog Then WriteLog "OS is Windows 7 / Server 2008 R2 RTM" End If End If If IsOSVer("6.0.6002") Then strOSVer = "Vista / 2008 SP2" WriteLog "" If bolWriteLog Then WriteLog "OS is Windows Vista / Server 2008 SP2" End If End If If IsOSVer("6.0.6001") Then strOSVer = "Vista / 2008 SP1" WriteLog "" If bolWriteLog Then WriteLog "OS is Windows Vista / Server 2008 SP1" End If End If If IsOSVer("6.0.6000") Then strOSVer = "Vista RTM" WriteLog "" If bolWriteLog Then WriteLog "OS is Windows Vista RTM" End If End If 'Write final empty log line for section WriteLog "" '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ############################### Global Settings ############################### \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Create Login Progress Bar application: ProgressBar("Create ""Login Script") WScript.sleep 100 '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Synchronize PC's time with a domain controller: ProgressBar("SetText 1 ""Setting time") WScript.sleep 100 WriteLog "------------- Configuring Machine Time --------------" WriteLog "" objShell.run "net time /domain: " & strDomain & " /set /yes", 0, TRUE If Err.Number = 0 Then objLogFile.WriteLine(Now() & ": Success: Machine time for computer " & strComputerName & " synchronized with " & strDomain & " domain" ) Else objLogFile.WriteLine(Now() & ": Failure: Machine time for computer " & strComputerName & " not synchronized with " & strDomain & " domain" ) End If WriteLog "" ProgressBar("SetPos 1 5") WScript.sleep 300 'Write final empty log line for section WriteLog "" '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// #################### Settings based on user/group/machine ##################### \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Remove mapped drives and printers before continuing: ProgressBar("SetText 1 ""Removing old mapped drives and printers") ProgressBar("SetPos 1 20") On Error Resume Next For i = 0 to objDrives.Count - 1 Step 2 'WScript.Echo objDrives.Item(i+1) objNetwork.RemoveNetworkDrive objDrives.Item(i),True,True Next WScript.sleep 600 On Error Resume Next For i = 0 to objPrinters.Count - 1 Step 2 'WScript.Echo objPrinters.Item(i+1) objNetwork.RemovePrinterConnection objPrinters.Item(i+1) Next WScript.sleep 600 '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Skip printer mappings If the computer is a member of a specific group: If IsComputerMember("PrintServers") Then bolManagePrinters = False writeLog "Printer Management Disabled for Terminal Servers" ' Exclude anyone logging on to a print server from creating printers. End If '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Domain Users Domain Group check: On Error Resume Next If isMember("Domain Users") Then WriteLog "" WriteLog "Processing 'Domain Users' Script Profile" WriteLog "" WriteLog "---------------- Profile Redirection ----------------" WriteLog "" ProgressBar("SetText 1 ""Redirecting Domain Users folders") WScript.sleep 100 RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Cookies" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Desktop" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Favorites" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\History", "\\FILESERVER\Profiles$\Windows\" & strUser & "\History" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Recent" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal", "\\FILESERVER\Profiles$\Windows\" & strUser , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Music", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Music" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Pictures", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Pictures" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Video", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Video" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{374DE290-123F-4565-9164-39C4925E467B}", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Downloads" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData", "\\FILESERVER\Profiles$\Windows\" & strUser & "\AppData" , "REG_EXPAND_SZ" ProgressBar("SetPos 1 25") WScript.sleep 300 WriteLog "" WriteLog "------------------ Drive Mappings -------------------" WriteLog "" ProgressBar("SetText 1 ""Mapping Domain Users drives") WScript.sleep 100 DriveMapper "H:", "\\FILESERVER\Home$\Windows\" & strUser , "Home" DriveMapper "L:", "\\FILESERVER\Profiles$\Windows\" & strUser , "Profile" DriveMapper "P:", "\\FILESERVER\Public", "Public" DriveMapper "S:", "\\FILESERVER\Applications$", "Apps" DriveMapper "V:", "\\FILESERVER\system$", "Access System Files" WriteLog "" WriteLog "" ProgressBar("SetPos 1 30") WScript.sleep 300 If isMember("Quick Books") Then ProgressBar("SetText 1 ""Mapping Quick Books drives") WScript.sleep 100 WriteLog "" DriveMapper "Q:", "\\FILESERVER\QuickBooks$" objShellApp.NameSpace(qDrive).Self.Name = "QuickBooks" WriteLog "" ProgressBar("SetPos 1 40") WScript.sleep 300 End If WriteLog "" WriteLog "----------------- Printer Mappings ------------------" WriteLog "" If isOUMember("North Campus") Then ProgressBar("SetText 1 ""Mapping North Campus printers") WScript.sleep 100 WriteLog "" AddPrinter "\\PRINTSERVER\PRINTER01" AddPrinter "\\PRINTSERVER\PRINTER02" AddPrinter "\\PRINTSERVER\PRINTER04" AddPrinter "\\PRINTSERVER\PRINTER05" SetPrinterDefault "\\PRINTSERVER\PRINTER02" WriteLog "" WriteLog "" ProgressBar("SetPos 1 52") WScript.sleep 300 If isMember("Accounting") Then ProgressBar("SetText 1 ""Mapping Accounting printers") WScript.sleep 100 WriteLog "" AddPrinter "\\PRINTSERVER\PRINTER06" 'SetPrinterDefault "\\PRINTSERVER\PRINTER06" WriteLog "" ProgressBar("SetPos 1 54") WScript.sleep 300 End If If isUser("usera") Then ProgressBar("SetText 1 ""Mapping usera's printers") WScript.sleep 100 WriteLog "" AddPrinter "\\PRINTSERVER\PRINTER03" SetPrinterDefault "\\PRINTSERVER\PRINTER03" WriteLog "" ProgressBar("SetPos 1 58") WScript.sleep 300 End If End If If isOUMember("South Campus") Then ProgressBar("SetText 1 ""Mapping South Campus printers") WScript.sleep 100 WriteLog "" AddPrinter "\\PRINTSERVER\PRINTER01" AddPrinter "\\PRINTSERVER\PRINTER02" AddPrinter "\\PRINTSERVER\PRINTER04" AddPrinter "\\PRINTSERVER\PRINTER05" SetPrinterDefault "\\PRINTSERVER\PRINTER01" WriteLog "" WriteLog "" ProgressBar("SetPos 1 60") WScript.sleep 300 If isMember("Accounting") Then ProgressBar("SetText 1 ""Mapping Accounting printers") WScript.sleep 100 WriteLog "" AddPrinter "\\PRINTSERVER\PRINTER06" SetPrinterDefault "\\PRINTSERVER\PRINTER06" WriteLog "" ProgressBar("SetPos 1 62") WScript.sleep 300 End If If isUser("userb") Then ProgressBar("SetText 1 ""Mapping userb's printers") WScript.sleep 100 WriteLog "" AddPrinter "\\PRINTSERVER\PRINTER03" WriteLog "" ProgressBar("SetPos 1 66") WScript.sleep 300 End If End If WriteLog "" WriteLog "----------------- Registry Policies -----------------" WriteLog "" ProgressBar("SetText 1 ""Setting profile policies") WScript.sleep 100 'Internet Explorer 'Disable Internet Connection Wizard: RegWrite "HKCU\Software\Microsoft\Internet Connection Wizard\Completed", "1", "REG_DWORD" 'Disable changing proxy settings: RegWrite "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Proxy", "1", "REG_DWORD" 'Disable Reset Web Settings feature: RegWrite "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\ResetWebSettings", "1", "REG_DWORD" 'Disable automatic check for software updates: RegWrite "HKCU\Software\Microsoft\Internet Explorer\Main\NoUpdateCheck", "1", "REG_DWORD" 'System 'Require alphanumeric password: RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Network\AlphanumPwds", "1", "REG_DWORD" 'No workgroup contents in network neighborhood: RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoWorkgroupContents", "1", "REG_DWORD" 'Hide L, N, S, and V drive letters: RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives", &H00242800, "REG_DWORD" WriteLog "" ProgressBar("SetPos 1 75") WScript.sleep 300 End If '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Domain Admins Domain Group check: If isMember("Domain Admins") Then WriteLog "" WriteLog "Processing 'Domain Admins' Script Profile" WriteLog "" ProgressBar("SetText 1 ""Redirecting Domain Admins folders") WScript.sleep 100 WriteLog "" WriteLog "---------------- Profile Redirection ----------------" WriteLog "" If isUser("otheradmin") Then ProgressBar("SetText 1 ""Redirecting otheradmin's folders") WScript.sleep 100 WriteLog "" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Cookies" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Desktop" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Favorites" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\History", "\\FILESERVER\Profiles$\Windows\" & strUser & "\History" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Recent" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal", "\\FILESERVER\Profiles$\Windows\" & strUser , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Music", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Music" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Pictures", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Pictures" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Video", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Video" , "REG_EXPAND_SZ" 'RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{374DE290-123F-4565-9164-39C4925E467B}", "\\FILESERVER\Profiles$\Windows\" & strUser & "\Downloads" , "REG_EXPAND_SZ" 'RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData", "\\FILESERVER\Profiles$\Windows\" & strUser & "\AppData" , "REG_EXPAND_SZ" WriteLog "" WScript.sleep 300 Else ProgressBar("SetText 1 ""Redirecting Domain Admins folders") WScript.sleep 100 WriteLog "" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies", "%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop", "%USERPROFILE%\Desktop" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites", "%USERPROFILE%\Favorites" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\History", "%USERPROFILE%\AppData\Local\Microsoft\Windows\History" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent", "%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal", "%USERPROFILE%\Documents" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Music", "%USERPROFILE%\Music" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Pictures", "%USERPROFILE%\Pictures" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Video", "%USERPROFILE%\Videos" , "REG_EXPAND_SZ" 'RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{374DE290-123F-4565-9164-39C4925E467B}", "%USERPROFILE%\Downloads" , "REG_EXPAND_SZ" RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData", "%USERPROFILE%\AppData\Roaming" , "REG_EXPAND_SZ" WriteLog "" WScript.sleep 300 End If ProgressBar("SetPos 1 25") WScript.sleep 300 WriteLog "" WriteLog "------------------ Drive Mappings -------------------" WriteLog "" ProgressBar("SetText 1 ""Mapping Domain Admins drives") WScript.sleep 100 DriveMapper "H:", "\\FILESERVER\Home$\Windows\" & strUser , "Home" DriveMapper "L:", "\\FILESERVER\Profiles$\Windows\" & strUser , "Profile" DriveMapper "M:", "\\FILESERVER\adminshare$", "Admin" DriveMapper "P:", "\\FILESERVER\Public", "Public" DriveMapper "Q:", "\\FILESERVER\QuickBooks$", "QuickBooks" DriveMapper "S:", "\\FILESERVER\Applications$", "Apps" DriveMapper "V:", "\\FILESERVER\system$", "MS Access System Files" WriteLog "" WriteLog "" ProgressBar("SetPos 1 50") WScript.sleep 300 ProgressBar("SetText 1 ""Mapping Domain Admins printers") WScript.sleep 100 WriteLog "" WriteLog "----------------- Printer Mappings ------------------" WriteLog "" AddPrinter "\\PRINTSERVER\PRINTER01" AddPrinter "\\PRINTSERVER\PRINTER06" AddPrinter "\\PRINTSERVER\PRINTER02" AddPrinter "\\PRINTSERVER\PRINTER03" AddPrinter "\\PRINTSERVER\PRINTER04" AddPrinter "\\PRINTSERVER\PRINTER05" SetPrinterDefault "\\PRINTSERVER\PRINTER01" WriteLog "" WriteLog "" ProgressBar("SetPos 1 70") WScript.sleep 300 If isOUMember("North Campus") Then ProgressBar("SetText 1 ""Mapping North Campus printers") WScript.sleep 100 WriteLog "" SetPrinterDefault "\\PRINTSERVER\PRINTER02" WriteLog "" ProgressBar("SetPos 1 72") WScript.sleep 300 End If If isOUMember("South Campus") Then ProgressBar("SetText 1 ""Mapping South Campus printers") WScript.sleep 100 WriteLog "" SetPrinterDefault "\\PRINTSERVER\PRINTER01" WriteLog "" ProgressBar("SetPos 1 75") WScript.sleep 300 End If ProgressBar("SetText 1 ""Setting Domain Admins Registry Policies") WScript.sleep 100 WriteLog "" WriteLog "----------------- Registry Policies -----------------" WriteLog "" WriteLog "No policies written for Domain Admins" WriteLog "" ProgressBar("SetPos 1 80") WScript.sleep 300 End If 'Write final empty log line for section WriteLog "" '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ############################ Temp File Cleanup ################################ \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Delete files from temp directory: WriteLog "---------------- Deleting Temp Files ----------------" WriteLog "" ProgressBar("SetText 1 ""Cleaning up") WScript.sleep 100 intcount = 0 Set objFiles = objTempFolder.Files For Each strFile In objFiles On Error Resume Next strFile.delete intCount = intCount +1 Next WriteLog intCount & " temp files were deleted" ProgressBar("SetPos 1 95") WScript.sleep 300 'Write final empty log line for section WriteLog "" '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ '// ############################################################################### \\ '// ################## ^^^^^^^^^^ CHANGE SCRIPT ABOVE ^^^^^^^^^^ ################## \\ '// ####################### DO NOT EDIT BELOW THIS SECTION ######################## \\ '// ############################################################################### \\ '//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \\ WriteLog "" '// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '// '// Subs and Functions ProgressBar("SetPos 1 100") WScript.sleep 100 ProgressBar("SetText 1 ""Login script finished") WScript.sleep 2000 ProgressBar("shutdown") WriteLog "#####################################################" WriteLog "################ End Login Script ###################" WriteLog "#####################################################" Set objNetwork = Nothing Set objDrives = Nothing Set objComputer = Nothing Set objShell = Nothing Set objFileSystem = Nothing Set objLogFile = Nothing Set objFSO = nothing Set strFile = nothing Set objFiles = nothing Wscript.Quit Function IsOSVer(sOSVer) On Error Resume Next Dim sThisComputer, oWMIService, cItems, oItem, sVer, intComparison sThisComputer = "." Set oWMIService = GetObject("winmgmts:\\" & sThisComputer & "\root\cimv2") Set cItems = oWMIService.ExecQuery("Select * from Win32_OperatingSystem",,48) For Each oItem In cItems intComparison = StrComp(oItem.Version ,sOSVer ,1) If intComparison = 0 Then isOSVer = True If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: OS Version is " & sOSVer ) End If Exit Function Else isOSVer = False End If Next End Function Function IsUser(sUser) Dim intComparison intComparison = StrComp(strUser ,sUser ,1) If intComparison = 0 Then IsUser = True If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: User is " & strUser) End If Exit Function Else IsUser = False End If End Function Function IsMember(sGroup) Dim oDict, oUser, oGroup If IsEmpty(oDict) Then Set oDict = CreateObject("Scripting.Dictionary") oDict.CompareMode = vbTextCompare Set oUser = GetObject("WinNT://" & strAdsPath & ",user") For Each oGroup In oUser.Groups oDict.Add oGroup.Name, "-" Next Set oUser = Nothing End If IsMember = CBool(oDict.Exists(sGroup)) If IsMember And bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: User is member of " & sGroup) End If End Function Function IsOUMember(sOU) Dim oConnection, oCommand, oRecordSet Dim strDN, arrPath, intLength, intNameLength, intComparison Const ADS_SCOPE_SUBTREE = 2 Set oConnection = CreateObject("ADODB.Connection") Set oCommand = CreateObject("ADODB.Command") oConnection.Provider = "ADsDSOObject" oConnection.Open "Active Directory Provider" Set oCommand.ActiveConnection = oConnection oCommand.Properties("Page Size") = 1000 oCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE oCommand.CommandText = _ "SELECT distinguishedName FROM 'LDAP://dc=DOMAIN,dc=to'WHERE objectCategory='user'AND sAMAccountName='" & strUser & "'" Set oRecordSet = oCommand.Execute oRecordSet.MoveFirst Do Until oRecordSet.EOF strDN = oRecordSet.Fields("distinguishedName").Value arrPath = Split(strDN, ",") intLength = Len(arrPath(1)) intNameLength = intLength - 3 strUserOU = Right(arrPath(1), intNameLength) oRecordSet.MoveNext Loop intComparison = StrComp(strUserOU ,sOU ,1) If intComparison = 0 Then IsOUMember = True If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: User is a member of " & strUserOU) End If Exit Function Else IsOUMember = False End If End Function Function IsComputerMember(sGroup) Dim oGroup On Error Resume Next Set oGroup = GetObject("WinNT://" & strDomain & "/" & sGroup & ",group") IsComputerMember = CBool(oGroup.IsMember(objComputer.ADsPath & "$")) If IsComputerMember And bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Computer is member of " & sGroup) Set oGroup = Nothing If Not Err.Number = 0 Then 'nothing to see here, move along End If End If On Error Goto 0 End Function Sub WriteLog(sEntry) If bolWriteLog Then objLogFile.WriteLine(Now() & ": Log: " & sEntry) End If End Sub Sub DriveMapper(sDrive, sShare, sName) On Error Resume Next objNetwork.MapNetworkDrive sDrive, sShare If Err.Number = 0 Then objShellApp.NameSpace(sDrive).Self.Name = sName If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Connect """ & sDrive & """ to share """ & sShare & """ with name """ & sName & """") End If Else If bolWriteLog Then objLogFile.WriteLine(Now() & ": Log: Unable to connect """ & sDrive & """ to share """ & sShare & """ with name """ & sName & """") End If On Error Goto 0 End Sub Sub AddPrinter(sPrinterUNC) On Error Resume Next If Not bolManagePrinters Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Printer connection skipped because disabled (" & _ strUser & " on " & strComputerName & ")") End If Else objNetwork.AddWindowsPrinterConnection sPrinterUNC If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Connect to printer: " & sPrinterUNC) End If Else If bolWriteLog Then objLogFile.WriteLine(Now() & ": Failed: Connect to printer: " & sPrinterUNC) End If End If End If On Error Goto 0 End Sub Sub RemovePrinter(sPrinterUNC) If Not bolManagePrinters Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Printer connection skipped because disabled (" & _ strUser & " on " & strComputerName & ")") End If Else Dim oPrinters Set oPrinters = objNetwork.EnumPrinterConnections For i = 0 To oPrinters.Count - 1 Step 2 If uCase(oPrinters.Item(i+1)) = uCase(sPrinterUNC) Then On Error Resume Next objNetwork.RemovePrinterConnection sPrinterUNC, True, True If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Remove printer: " & sPrinterUNC) Else If bolWriteLog Then\ objLogFile.WriteLine(Now() & ": Failed: Remove printer: " & sPrinterUNC) End If On Error Goto 0 Exit Sub End If Next End If If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Remove printer: " & sPrinterUNC & " (Printer did not exist)" ) End If End Sub Sub RemovePrintersFromServer(sServerName) If Not bolManagePrinters Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Printer connection skipped because disabled (" & _ strUser & " on " & strComputerName & ")") End If Else Dim oPrinters, aPrinter If bolWriteLog Then objLogFile.WriteLine(Now() & ": Removing all printers from: " & ucase(sServerName)) Set oPrinters = objNetwork.EnumPrinterConnections For i = 0 to oPrinters.Count - 1 Step 2 On Error Resume Next aPrinter = split(uCase(oPrinters.Item(i+1)),"\",-1, 1) '" If Not UBound(aPrinter) = 0 Then 'this is not a local printer, process code If aPrinter(2) = ucase(sServerName) Then objNetwork.RemovePrinterConnection oPrinters.Item(i+1), True, True If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Remove printer: " & oPrinters.Item(i+1)) End If Else If bolWriteLog Then objLogFile.WriteLine(Now() & ": Failed: Remove printer: " & oPrinters.Item(i+1)) End If End If End If End If aPrinter = "" On Error Goto 0 Next End If If bolWriteLog Then objLogFile.WriteLine(Now() & ": Removed all printers from: " & ucase(sServerName)) End If End If End Sub Sub SetPrinterDefault(sPrinterUNC) On Error Resume Next If Not bolManagePrinters Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Default printer to " & sPrinterUNC & _ " skipped because disabled (" & strUser & " on " & strComputerName & ")") Else objNetwork.SetDefaultPrinter sPrinterUNC If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Set as Default: " & sPrinterUNC) End If Else If bolWriteLog Then objLogFile.WriteLine(Now() & ": Failed: Set as Default: " & sPrinterUNC) End If End If End If On Error Goto 0 End Sub Sub PutEnv(sName, sValue) Dim oEnv Set oEnv = objShell.Environment("USER") oEnv(sName) = sValue If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Set user variable """ & sName & """ to: """ & sValue & """") End If Set oEnv = Nothing End Sub Sub Run(ByVal sFile) On Error Resume Next 'objShell.Run Chr(34) & sFile & Chr(34), 1, False objShell.Run sFile, 1, False If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Execute: " & sFile) End If Else If bolWriteLog Then objLogFile.WriteLine(Now() & ": Failed: Execute: " & sFile & " with error " & Err.Number) End If End If On Error Goto 0 End Sub Sub FileCopy(sSource, sTarget) On Error Resume Next objFileSystem.CopyFile sSource, sTarget If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Copy: " & sSource & " to " & sTarget) End If Else If bolWriteLog Then objLogFile.WriteLine(Now() & ": Failed: Copy: " & sSource & " to " & sTarget) End If End If On Error Goto 0 End Sub Sub RegWrite(sRegValue, sRegData, sRegType) On Error Resume Next objShell.Regwrite sRegValue, sRegData, sRegType If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Reg value " & sRegValue & " set to " & sRegData & " as type " & sRegType ) End If Else If bolWriteLog Then objLogFile.WriteLine(Now() & ": Failed: Reg value " & sRegValue & " not set to " & sRegData) End If End If On Error Goto 0 End Sub Function isThisIP(sThisAddress) On Error Resume Next Dim sThisComputer, oWMIService, cItems, oItem ,sAddress sThisComputer = "." Set oWMIService = GetObject("winmgmts:\\" & sThisComputer & "\root\cimv2") Set cItems = oWMIService.ExecQuery ("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True") For Each oItem In cItems 'cycle all adapters 'objItem.MACAddress 'this is the mac address, just in case For Each sAddress In oItem.IPAddress 'cycle all ip addresses for this adapter If sAddress = sThisAddress Then isThisIP = True If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Found IP " & sThisAddress ) Exit function End If End If Next Next If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Did not find IP " & sThisAddress ) End If Else If bolWriteLog Then objLogFile.WriteLine(Now() & ": Failed: An error occurred looking for IP " & sThisAddress ) End If End If isThisIP = False On Error goto 0 End Function Function isThisMachine(sThisMachine) On Error Resume Next If sThisMachine = strComputer Then isThisMachine = True If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Machine name is " & sThisMachine ) Exit function End If End If If Err.Number = 0 Then If bolWriteLog Then objLogFile.WriteLine(Now() & ": Success: Machine name is not " & sThisMachine ) End If Else 'nothing to see here, move along End If isThisMachine = False On Error goto 0 End Function Sub ProgressBar(params) objShell.Run """" & strUserProfile & "\progressbar.exe"" " & params End Sub