VBScript program demonstrating the simplest method to test for group membership in a logon script. Instead of a separate IsMember function, this program uses the group object IsMember method. This requires binding to the group object for the group whose membership is being tested. The group IsMember method does not reveal membership in nested groups or the "Primary Group". This technique will not be efficient if there are many groups to test for membership.

The logon script incorporates a loop to retrieve the UserName from the wshNetwork object. This loop is only necessary on Windows 95/98 clients during logon. Without it, the wshNetwork object would return a blank string for UserName. The LDAP provider is used to bind to the user object.

The RootDSE object is used to obtain the DNS domain name. The NameTranslate object is used to convert the DNS domain name to the NetBIOS domain name. The NameTranslate object is used again to convert the NetBIOS domain name and the NT Name returned by the wshNetwork object to the Distinguished Name required by LDAP.

If the logon script does not have to support any clients except those with Windows 2000 or above, the ADSystemInfo object can be used to bind to the user and computer objects.

This program should work on any 32-bit Windows client that can log onto the domain. Windows NT and Windows 98/95 clients should have DSClient installed. If DSClient is not installed, WSH and ADSI should be installed.

This logon script demonstrates how to map drives to network shares according to user group membership. It also demonstrates how to map local ports to shared printers according to computer group membership. This script also demonstrates how to map the user home directory specified in Active Directory to the appropriate drive letter.

Logon4.txt <<-- Click here to view or download the program