[THIN] Re: redirect my documents
- From: "Braebaum, Neil" <Neil.Braebaum@xxxxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 16 Sep 2003 16:39:44 +0100
As to point 1 - that's all well and good - but how does the script,
running at the start of the users session establish the OU, and the
resources within?
And paragraph 2 - how do you establish a users DN, unless you know it,
or search for it?
These are normally the obstacles when writing code that attempts to
leverage the structure of AD / a directory.
That's not to say it's not possible - in fact my initial reply was that
it *is* possible. Merely that your comments suggest it's an easy,
obvious thing available straightaway via an elementary script.
As an example, I've deployed login scripts that use the computers (PC)
location in AD, in order to establish which printers to map for a user.
I have also written scripts to establish the same for users and access
to shares published in AD. This doesn't require anything being
hard-coded into scripts in terms of group memberships, or the like. But
in order to not gloss over the reality of doing such a thing, the DN
(either for a computer, or user) is not automagically available - unless
you hard-code it. You would need to include some logic within your
script to *establish* the DN, before you can start thinking about other
aspects of the directory structure.
It's a chicken / egg thing, normally. By the time you've done the work
to establish the DN for an object, you already know it's location. The
trick is finding the object...
Neil
-----Original Message-----
From: Joe Shonk [mailto:joe@xxxxxxxxxxxxxxxxxxx]
Sent: 16 September 2003 16:26
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: redirect my documents
I suppose there are several ways to do this; either
create/maintain multiple logon scripts and apply those directly to each
OU via GPOs or create one universal logon script and parse for OU
membership.
OU Membership can be obtaining by parsing the user's
distinguished name. If lower level OUs do not overlap in name, a simple
instr() function could be make things simpler.
Joe
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx
[mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Braebaum, Neil
Sent: Tuesday, September 16, 2003 1:40 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: redirect my documents
He said "organizational unit's members" - ifmember is not going
to help with that - unless it just happens that there is a group that
also happens to encapsulate all the OUs members.
As I said in another reply, it is possible to establish OU
membership using ADSI scripting - but it's not exactly the most obvious
thing.
But ideally, this is the way it should go... going back in time
to the NT domain structure - all this "magic", all this information was
largely within login scripts - big long lists of groups, and resources
that should be mapped depending on these group memberships.
But with AD, AD is your repository, AD should be your directory
store, AD should be the area where this "magic" is stored - and the
login script should be unspecific and merely query the information
that's in AD. So within AD structures, you could organise your printer
resources (print shares) and the appropriate file share resources, and
the login script merely establish the users position within AD,
interrogate what resources are appropriate for this users location, and
map them accordingly - that, ultimately, is the purpose of directories -
they become your repository for this information.
Neil
-----Original Message-----
From: Kinchen, Tyler [mailto:KinchenT@xxxxxxxxxxxx]
Sent: 15 September 2003 16:55
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: redirect my documents
Go get ifmember from
http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/ifmember-
o.asp. Create a group in the OU and then create a batch file that maps
the drive if they are a member of that group.
ifmember "nameofgroup"
if errorlevel 1
net use t: \\servername\storage\accounting-unit
<file:///\\servername\storage\accounting-unit>
Regards,
Tyler Kinchen
-----Original Message-----
From: Victor Ortiz [mailto:boritec@xxxxxxxxxxx]
Sent: Monday, September 15, 2003 11:20 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] redirect my documents
Hi,
I want to create a UNC share for an
organizational unit's members and make it available only to the members
of the unit as a fixed drive. For example, T: mapped to
\\servername\storage\accounting-unit
<file:///\\servername\storage\accounting-unit>
Can someone describe the steps to achieve this?
Would I have to publish the mapped drive for them to be able to access
it?
Thanks,
***********************************************
This e-mail and its attachments are confidential
and are intended for the above named recipient
only. If this has come to you in error, please
notify the sender immediately and delete this
e-mail from your system.
You must take no action based on this, nor must
you copy or disclose it or any part of its contents
to any person or organisation.
Statements and opinions contained in this email may
not necessarily represent those of Littlewoods.
Please note that e-mail communications may be monitored.
The registered office of Littlewoods Limited and its
subsidiaries is 100 Old Hall Street, Liverpool, L70 1AB.
Registered number of Littlewoods Limited is 262152.
************************************************
Other related posts:
