AD Driven Logon Scripts

Posted by Mark Sullivan on 9 February 2011 | 0 Comments

Tags: Logon Scripts, Active Directory, Mapping Drives

Active Directory Driven Logon Scripts

In this video we are demonstrating a paradigm shift on mapping drives and printers. We will put in place a VBScript that runs as "an engine" that is set and left and does not need to be continually updated, It will read AD groups and process the logic to map the resources we need. This methodology helps in so many ways.

• It allows for easy shared administration. Admins use AD users and computers and manage groups. No chances of multple peolple getting in and modifying scripts with chances of making a syntax error causing the whole script to fail.
• Its what we are doing anyway. Best practice to giving access to shared data areas is to create a group, put people in the group and assign permissions... So if a drive letter mapping is needed why not just finish the job right there?
• It gives a nice "dashboard" showing all the mappings and shared data access.
• Assigned to Groups, not OU's.

There are several ways to go about these common tasks. Group Policy Preferences probably being the best new method. Group Policies are awesome and especially GPO preferences, the one thing that always urked me about group policies though is they are not applied to a "group", they are applied to OU's, yeah sure you can filter for groups within the OU, but now we are raising the complexity..

Again not saying any one way is wrong or bad.. Just different... There is never one tool that fits all scenarios, so just thought we would add another option. What are your thoughts, and how do you manage your drive mappings?

Mark-