VBScript program demonstrating the use of an efficient IsMember function to test for group membership in a logon script. The IsMember function reveals membership in nested groups. However, it does not reveal membership in the "Primary Group". The IsMember function uses a dictionary object, so that group memberships only have to be enumerated once, no matter how many times the function is called.

The logon script uses the ADSystemInfo object to retrieve the Distinguished Name of the user and the computer. This object is only available on Windows 2000 and Windows XP clients. The LDAP provider is used to bind to the user object and the computer object.

This program will only work on Windows 2000 and Windows XP clients.

This logon script demonstrates how to use the IsMember function to map drives to network shares according to user group membership. It also demonstrates how to map local ports to shared printers according to computer group membership.

The program includes a MapDrive function to map drive letters to network shares. The function determines if the drive letter is already in use. If it is, it then determines if the drive is a network drive. If the drive is a network drive, the function attempts to remove the mapping. This function is useful if you expect the drive letter to be in use, perhaps because the user configured a persistent connection, and you want to enforce the mapping in the logon script. The script does not map the user home directory, since this happens automatically if the client OS is Windows 2000 or Windows XP.

Logon3.txt <<-- Click here to view or download the program