+ Simplifying Login Scripts
by Jason Bell
You must standardize and centralize the management of login scripts in order to simplify them. The following is an example of simplifying login scripts to map drives and printers based on vbscript and Active directory. This script also provides a great deal of automation.
Many times, login scripts are created for every department or location resulting in a large number scripts to maintain. Others may choose to implement a 'monolithic' script that is filled with 'ifmember' functions to map drives based on group membership. In both cases drive and printer modifications require changes to the script(s). Depending upon the environment, this may become difficult to maintain. I have worked in environments where there have been over 200 scripts for one particular department. Also, in the other environments where large scripts were run by every user using 'ifmember' techniques. Both styles of login scripts may become very taxing as the business grows and expands.
The following example utilizes only one relatively small vbscript to map all drives and printers for user based on group membership. However, there is no need to shell out and execute a 3rd party tool to generate membership lists. The idea is to place processing instructions on the groups in Active Directory. More times than not, the group will be used to control access to the resource – why not also include the instructions to get to the resources.
The script relies on a particular format in the Notes field of the group. One formatted instruction may be place per line in the notes field. The format is Action; Parameter; Parameter; ….. You may add additional functionality to the script and allow for as many parameters you like. For now there are 2 Actions: Drive and Printer. Drive has 2 parameters: Drive Letter and Path. The printer only requires 1 parameter: Path to Printer on printer server. The printer mapping capabilities will only map to printers connected to a windows print server. The printer server will deploy the appropriate driver at the time of connection.
There are a couple of downsides to the script. Order of Operations is simply last group wins. That is to say that if a user is a member of multiple groups that map the same drive – there will be a conflict of drive letters. It is possible to modify the script to add functionality. I will write a follow up to this article with a tool to generate a resultant set of drive and printer mappings on a per user basis. This will help identify overlap in drive mappings.