VBScript program demonstrating the use of an efficient IsMember function to test for group membership in a logon script. The IsMember function reveals membership in nested groups. However, it does not reveal membership in the "Primary Group". The IsMember function uses a dictionary object, so that group memberships only have to be enumerated once, no matter how many times the function is called.

The logon script uses the ADSystemInfo object to retrieve the Distinguished Name of the user and the computer. This object is available on clients with Windows 2000 or above. The LDAP provider is used to bind to the user object and the computer object.

This program should not be used if any clients have Windows 95, Windows 98, Windows ME, or Windows NT.

This logon script demonstrates how to use the IsMember function to map drives to network shares according to user group membership. It also demonstrates how to map local ports to shared printers according to computer group membership.

The program includes a MapDrive function to map drive letters to network shares. The function determines if the drive letter is already in use. If it is, it then determines if the drive is a network drive. If the drive is a network drive, the function attempts to remove the mapping. This function is useful if you expect the drive letter to be in use, perhaps because the user configured a persistent connection, and you want to enforce the mapping in the logon script. The script does not map the user home directory, since this happens automatically if the client OS is Windows 2000 or above.

Logon3.txt <<-- Click here to view or download the program