Page 1 of 1 1
Topic Options
#183687 - 2007-12-15 02:41 AM Complete login script.
Björn Offline
Korg Regular
*****

Registered: 2005-12-07
Posts: 953
Loc: Stockholm, Sweden.
Edit: This is a rewrite since long ago, Free to use and modify.

REASON OF POSTING:
This community has given me so much since I started sniffing this place for usefull information - time to give something back.
Code and instructions as follows;

BUILD NOTES:
This build was working correctly with a 2003 AD, kix 4.5x and XP clients.

Create a GPO with user-logon-script pointing toward wkix32.exe
in same catalouge create following files:

kixtart.kix
 Code:
;Main file.

if NOT @LOGONMODE
Break On
EndIf

$silent=SetOption('Explicit','ON')
$silent=SetOption('CaseSensitivity','OFF')
$silent=SetOption('NoMacrosInStrings','OFF')
 
Dim $func_dir,$file_dir,$FileName
;Define values
$func_dir = @scriptdir
$file_dir = @scriptdir

 
;call functions 
 
$FileName = Dir($func_dir+"\fn*.kix")
While $FileName <> "" and @ERROR = 0
 call $func_dir+"\$FileName"
  $FileName = Dir() ; retrieve next file
Loop
;Call each *.udf file until an error occurs or there are no more files to call.

;next two lines enabled at testphase. 
;MessageBox ("Logon-Script started","Enable and change this text to enable messagebox with info regarding script running",64,)
;fnWriteLog("Script started at: " + @TIME+" "+ @DATE+" "+@LServer+" "+@USERID)

fnRemdrive("1.0") 

fnNetmap($func_dir+"\network.ref")


;fnWriteLog("Script ended at: " + @TIME+" "+ @DATE+" "+@LServer+" "+@USERID)

exit 


network.ref
 Code:
; Rev 1.0.0 
; Created: 
;  $Revision:  $ $Date: 200y/mm/dd  $
;
; Layout file for logon script
; 
 
[NetworkResources]
SetTime   = SetTime.NetworkResources
Group   = Group.NetworkResources
 
Domain   = Domain.NetworkResources
;Domain.GroupX = Controlgroups to sort by.

/*
[Controlgroup1]
Home.1      = h:,@homeShr,some group
SetTime.1   = ,@lserver,some group
NetShr.2	= i:,\\netshr\path,some group


fnnetmap.kix
 Code:
; Function for DriveMapping using a standard ini-shaped file (ie - network.ref).

function fnnetmap($path)
Dim $i,$domaingrp,$valuename,$value,$donotmap,$group
 
$i = 0
for each $domaingrp in split(left(readprofilestring($path,"",""), -1),chr(10))
  if $i = 0 and ingroup($domaingrp)
    $i = $i + 1 
    for each $valueName in split(left(readprofilestring($path,$domaingrp,""),-1),chr(10))
      $value = split(readprofilestring($path,$domaingrp,$valueName),",")
      $doNotMap = 0
      for each $group in split($value[2],"|")
        if left($group,1) = "!" and ingroup(substr($group,2))
          $doNotMap = 1
        endif
      next
      for each $group in split($value[2],"|")
        if ingroup($group) - $doNotMap
          select
           case left($valueName,7) = "NetShr."
            use $value[0] $value[1]
            if @error fnwritelog("Error occured in fnnetmap.kix."+ $value[0] +"|"+ $value[1]+"| "+ @error+" , "+ @serror) endif
           ;case left($valueName,8) = "SetTime."
            ;SETTIME "$value[1]"
            ;if @error fnwritelog("Error occured in fnnetmap.kix."+ $value[0] +"|"+ $value[1]+"| "+ @error+" , "+ @serror) endif
           case left($valueName,5) = "Home."
            use $value[0] @HomeShr 
            if @error fnwritelog("Error occured in fnnetmap.kix."+ $value[0] +"|"+ $value[1]+"| "+ @error+" , "+ @serror) endif
          endselect
        endif
      next
    next
  endif
next
endfunction


fnwritelog.kix
 Code:
;fnWriteLog.

Function fnWriteLog($text)
   Dim $rc, $loglile, $filehandle
   $filehandle = "7"
   $logfile = ExpandEnvironmentVars(%temp%) + "\logon.log"
   $rc = WriteLine ($filehandle, @Date + " " + @Time " - " + $text + @CRLF)
   If $rc < 0
      $rc = Close ($filehandle)
      $rc = Open ($filehandle, $logfile, 5)
      Select
         Case $rc = -1
            $rc = MessageBox ("Invalid file name (" + $logfile + ") specified for log file.","Logon Script Error",48)
         Case $rc = 0
            fnWriteLog ($text)
         Case $rc => 0
            $rc = MessageBox ("Error(" + $rc + ") while attempting to open log file (" + $logfile + ").","Logon Script Error",48)
      EndSelect
   EndIf
EndFunction


fnRemDrive.kix
 Code:
;fnRemDrive.

Function fnremdrive($checkvalue)
dim $checkval,$check,$wrcheck
$checkval="HKEY_CURRENT_USER\Software\ACME"
  $check=readvalue($checkval,"script")
  if @error = 0
   if NOT $check = $checkvalue
    USE * /DELETE /PERSISTENT
    $wrcheck=writevalue($checkval,"script",$checkvalue,"REG_SZ")
   endif
  endif
endfunction


Last function was in use due to some error in removing mappings/errors with mapping thanks to faulty handeling of mappings with kix 4.50 and/or a bad damn network.

NOTE: Most of this code exists thanks to this community - this is the reason I give it 'back'. Many hours of consulting-time was spent on this - but only to put it into production - NOT development - and the hours that was - code was provided to me by the inhabitants of kixtart.org.

Help or code optimation is always welcome. Better commenting as well. Go with the flow.

! Explanation :

running wkix32.exe / kix32.exe only will make the script look in @scriptdir for @userid.kix - next in line is kixtart.kix - this exists - and if you ever need a specific login for a user - simply create a main file with the username.

The main - kixtart.kix will enumerate (perhaps in a faulty manner) all fn*.kix files in @scriptdir - thus adding your own function will not require that much energy - and logging can always be added or edited due to the use of the function provided (fnwritelog.kix). The structure of the "ini" file containing the mappings should be self-explained. If errors found - please report it. This is a base to be handled. Several functions has been removed due to customer-specific-builds, built during work-hours and thus not mine to use anymore.

NOTE REGARDING fnRemDrive:
This function uses a reg key to be used as a version-handler - each time you update things you use a new version, if the new version is not equal to the version in the reg-key - remdrive will be used - this was used due to
to much troubleshooting faulty drives when servers was changed - new mappings added / removed.


NOTE REGARDING PATH TO SCRIPT! :
When I wrote and created this in 2006, I used the full scriptpath of\\domain\sysvol\fqdn.topdomain\{id}\[user(think it was)\scripts\ .
A bit messy - but safer than placing it in \\domain\netlogon\ due to 1. harder to find - security can be added within the applied logic - you apply this only to a specific WMI-filter/group-access via the GPO.

ISSUES:
Fast logon opt. may scr*w things up as usual. Nonworking script - disable it.

This is as always - WORK IN PROGRESS.
Questions/etc - provide it in the thread.

EDIT: just realized that the function for removing drives needs to check over - this due to a pre-relase/tested verions was posted. will be fixed.
EDIT: Added Mart's rewritten log-function :).
EDIT: Added break on/off in kixtart.kix
EDIT: Fixed subject spelling..
EDIT: Small revision \:\)


Edited by Björn (2015-05-12 04:34 PM)

Top
#183715 - 2007-12-16 03:06 PM Re: Compelete login script. [Re: Björn]
Mart Moderator Offline
KiX Supporter
*****

Registered: 2002-03-27
Posts: 4672
Loc: The Netherlands
Björn,

Nice work. Lots of legal mumbo-jumbo but I guess you work at some kind of security or government organisation

I especially like the way you call all functions. Just DIR() the functions folder and call whatever is in there. I'll be ripping, stealing borrowing that ;\) I'll also be looking into doing something like if exist username.kix call..... else call default.kix endif.

I inherited a huge pile of rubble as a network from my predecessors It worked but it squeaked and cried with every change we made. Slowly but surely we are getting stuff back on track so we have a clear idea of what we have and what we need before switching from Win2K to Win2K3. We are about 75% done with that and some of your tips and tricks did help in the past and will help with the last few hurdles we need to take in the first half of next year.
_________________________
Mart

- Chuck Norris once sold ebay to ebay on ebay.

Top
#183734 - 2007-12-16 08:15 PM Re: Compelete login script. [Re: Björn]
Mart Moderator Offline
KiX Supporter
*****

Registered: 2002-03-27
Posts: 4672
Loc: The Netherlands
Björn,

Quote from the shoutbox:
 Quote:

[Les] LOL... I didn't want to pee in your Cornflakes but you have vars in strings... tsk, tsk


Just to be sure Les stops peeing in your cornflakes I changed the fnWriteLog function a bit.
All vars and macro's are no longer in between quotes. I also added the ExpandEnvironmentVars to the path for the log file.

 Code:
Function fnWriteLog($text)
   Dim $rc, $loglile, $filehandle
   $filehandle = "7"
   $logfile = ExpandEnvironmentVars(%temp%) + "\logon.log"
   $rc = WriteLine ($filehandle, @Date + " " + @Time " - " + $text + @CRLF)
   If $rc < 0
      $rc = Close ($filehandle)
      $rc = Open ($filehandle, $logfile, 5)
      Select
         Case $rc = -1
            $rc = MessageBox ("Invalid file name (" + $fogfile + ") specified for log file.","Logon Script Error",48)
         Case $rc = 0
            fnWriteLog ($text)
         Case $rc => 0
            $rc = MessageBox ("Error(" + $rc + ") while attempting to open log file (" + $logfile + ").","Logon Script Error",48)
      EndSelect
   EndIf
EndFunction


If I'm going to use it in my production environment I would add some lines that would mail the log to the admin(s) if there were more then 0 errors. On every logon I'd check for the existence of the log file and delete it if it exists.
_________________________
Mart

- Chuck Norris once sold ebay to ebay on ebay.

Top
#183738 - 2007-12-16 09:00 PM Re: Compelete login script. [Re: Mart]
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
ROFL... I posted that to the shoutbox cuz I didn't want to set the tone here... so much for that.

It was just a first observation... I just found it odd. NoMacrosInStrings was explicity set to off despite off being implicit yet in the code, macros were concatenated properly. NoVarsInStrings on the other hand was left implicitly off and vars were imbedded.

My other pet peeve is where there are one-liner IF constructs. When quickly scanning down the lines, it initially jumps out as missing ENDIFs which it is not. I realize one-liners are easier to copy/paste and that the indenting shows the true nesting but it still catches my mind's eye.

The SETTIME thing, I will hold my tongue on.

I don't know about others, but I've never understood the @HomeShr thing. If you map the HomeShr in the profile, why do it in KiX too? I've run into issues with some PCs not mapping it properly in the profile and if done in both places, I've run into conflict issues. I don't set it in the profile leaving it entirely upto the script to do.

Deleting drives... another point of confusion... if drives are mapped persistent, the /persistent switch is needed to delete them. If not mapped persistent, they shouldn't need to be deleted. What am I missing?
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#183757 - 2007-12-17 09:45 AM Re: Compelete login script. [Re: Les]
Björn Offline
Korg Regular
*****

Registered: 2005-12-07
Posts: 953
Loc: Stockholm, Sweden.
Mart - Borrow away! Great to hear that my stuff can be used!
That kind of huge pile of cr*p I did inherit as well - this is the result of it :). Thank you for the rewrite - tossed it up instead.
Regarding the userpart of the script I found that the amount of users that acctually needed their own script - was so few but needed so much alteration so I used the built in function of kix (the first check for @userid.kix , then kixtart.kix ).

Les - that's because I did not write that function - someone else here did - and I did not sanitize it since it rolled anyway in the env.
SETTIME was used prev on adminmachines that wasn't really part of production - don't bite it off please ;).

I know - never really understood why we kept using it either - until we rebuilt the env. and ad kept missing to map it, that wasn't my real concern to fix, so I used it until they fixed it.

The drive deletion came because some did persistent mappings over certain map-letters, that was by policy to be used by what ever was mapped by us.
Needs to be rewritten to acctually work - this is old scrap from home when I started it out ;).
_________________________
as long as it works - why fix it?
If it doesn't work - kix-it!

Top
#195029 - 2009-07-25 05:00 AM Re: Compelete login script. [Re: Björn]
Björn Offline
Korg Regular
*****

Registered: 2005-12-07
Posts: 953
Loc: Stockholm, Sweden.
A bit to bump - just to get some feedback before I'll digg and get my newer version.
_________________________
as long as it works - why fix it?
If it doesn't work - kix-it!

Top
#195034 - 2009-07-25 01:12 PM Re: Compelete login script. [Re: Björn]
Mart Moderator Offline
KiX Supporter
*****

Registered: 2002-03-27
Posts: 4672
Loc: The Netherlands
Borrowed parts from it in the past and they are useful once more. Got a new job for about a year now (Aug-1) and we have one logon script that does about 5% of what can be done (and 50% of that 5% fails because of user and/or ex-admin actions) and it runs on 3.63 \:o I’ve been altering the stuff I used at my previous job to fit the network me and my colleague manage now and parts of your stuff are in it for sure.

Thanks again.
_________________________
Mart

- Chuck Norris once sold ebay to ebay on ebay.

Top
#198977 - 2010-07-12 10:36 AM Re: Compelete login script. [Re: Mart]
Björn Offline
Korg Regular
*****

Registered: 2005-12-07
Posts: 953
Loc: Stockholm, Sweden.
Nice!
( A tad late, but hey... \:\)
_________________________
as long as it works - why fix it?
If it doesn't work - kix-it!

Top
#201429 - 2011-01-19 11:06 PM Re: Compelete login script. [Re: Les]
Georges_K Offline
Getting the hang of it

Registered: 2005-02-17
Posts: 83
Loc: Chino, CA
 Quote:
I don't know about others, but I've never understood the @HomeShr thing. If you map the HomeShr in the profile, why do it in KiX too? I've run into issues with some PCs not mapping it properly in the profile and if done in both places, I've run into conflict issues. I don't set it in the profile leaving it entirely upto the script to do.


I completely agree with you, though, to add an interesting bit of information regarding this. I once had an issue with login scripts, and I had to call Microsoft: the homeshare in the user profile wasn't consistently being picked up by the logon script to map. They flat out told me that the only way that they support login scripts is if they are running from the GPO, and not from the Netlogon. Go figure...

Though there's some legit use for the GPO logon scripts, for some reason, I'm still partial for the netlogon scripts, but from that day on, I completely abandoned the net use /home nomenclature, and now rely on either ini files, or database to get use home dirs (at least until I have DFS fully implemented \:\) )
_________________________
Network Specialist
Chino Unified School District

Top
#202966 - 2011-08-24 02:42 PM Re: Compelete login script. [Re: Mart]
Björn Offline
Korg Regular
*****

Registered: 2005-12-07
Posts: 953
Loc: Stockholm, Sweden.
.

Edited by Björn (2011-08-24 10:55 PM)
_________________________
as long as it works - why fix it?
If it doesn't work - kix-it!

Top
#202967 - 2011-08-24 02:46 PM Re: Compelete login script. [Re: Björn]
Glenn Barnas Administrator Offline
KiX Supporter
*****

Registered: 2003-01-28
Posts: 4396
Loc: New Jersey
Mart / Shane - might just want to delete your messages since they no longer can be viewed in their original context.. Just creates confusion as Bjorn pointed out.

Glenn
_________________________
Actually I am a Rocket Scientist! \:D

Top
#202969 - 2011-08-24 03:29 PM Re: Compelete login script. [Re: Glenn Barnas]
Mart Moderator Offline
KiX Supporter
*****

Registered: 2002-03-27
Posts: 4672
Loc: The Netherlands
Done. Thanks.
_________________________
Mart

- Chuck Norris once sold ebay to ebay on ebay.

Top
Page 1 of 1 1


Moderator:  Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 507 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.064 seconds in which 0.024 seconds were spent on a total of 13 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org