Sites can be identified in AD (see the @SITE macro) or via subnet.
Login scripts run in the User context.
Changing the admin password is not a login process - it is an admin process and you can find many examples of how to accomplish this right from your desk, run as a domain admin.
I don't really understand your last concern. We have clients who have hundreds of sites with thousands of users and have no problem mapping to resources without any level of admin access.
Maybe you should look at the pre-made login script on my web site. The manual PDF is linked to the main login-script page. It should provide you with many ideas of what can be done via login script. Look in Products / Admin Toolchest / Universal Login Script to find the link to the user guide.
Glenn
_________________________
Actually I
am a Rocket Scientist!
