I am soon to rollout a a new shared printer but want it to be applied to the user, this will be shared from our print server. I need a script that will check the user is a member of a group called xnlnelpct.nhs.uk\sg-print-navigo, if they are a member I want them to be mapped with \\nel-prt-01\nagivo.
I also want the script to remove any printers but leave any that are called Adobe or another which I think is CutePDF.
Can this be done?
Or if it cannot be done by a security group can it be done on what OU the user is in?
Any examples would be a help, need to start testing this soon and I am not a scripter.
I have a set of scripts that look for XXXX-YY-ZZZZ and as long as a printer is named XXXX-PB or PC-ZZZZ it will map it. We apply it at the school level of GPO. (I am at the District level here in the US and we have 100+ schools) I will gladly send them to you but since they are VBS our email will not let me So I would need to do it tonight. Let me know if you would like them.
Something to let you start (some excerpts from our script)
Set objNetwork = CreateObject("WScript.Network")
Set objAllDrives = objNetwork.EnumNetworkDrives
Set objPrinters = objNetwork.EnumPrinterConnections
strADUserName = objNetwork.UserName
strADComputerName = objNetwork.ComputerName
strADDomain = objNetwork.UserDomain
'Connect to user object in AD
Set objADUserbind = GetObject("WinNT://" & strADDomain & "/" & strADUserName)
'Remove all printers
For LOOP_COUNTER = 0 To objPrinters.Count - 1 Step 2
If Left(objPrinters.Item(LOOP_COUNTER +1),2) = "\\" Then
objNetwork.RemovePrinterConnection objPrinters.Item(LOOP_COUNTER +1),True,True
For Each objADGroup In objADUserbind.Groups
Select Case UCase(objADGroup.Name)
How are you runnign the script?
If you are running it as a logon script pushed by GPO you can filter the GPO by security group to eliminate the need for the script to check the group.
Cheers for the replies, I will have a look when I get time next week.
The script is a login script at the minute it is on OU but not ever one will need access hence why adding to a security group and doing it that way.
Will look at it when I can sit down on the network and play.
I have managed to get this script working ok:
I cannot get it to add a printer if a computer is member of certain security group, can anyone help?
Set WshNetwork = CreateObject("WScript.Network")
WshNetwork.AddWindowsPrinterConnection "\\NEL-NAVPRT-01\Mono Printing"
WshNetwork.AddWindowsPrinterConnection "\\NEL-NAVPRT-01\Colour Printing"
WshNetwork.SetDefaultPrinter "\\NEL-NAVPRT-01\Mono Printing"
Can anyone help on this one?
When you say a certain security group, any narrowing it down?
Originally Posted by MatthewL
Basically I want a script that if computer object is member of i.e. PRINTER1 then map \\server\printer1, if member of PRINTER2, map \\server\printer2, if that makes sense?
You could use the below scripts and just alter them slightly
Checking Group Membership in VBScript - CyrusBuilt dot Net
Main Code :
Code to call Function to check if the computer is apart of the relevant security group(s) - in your case Printer1, Printer2 etc
'******************************************************************** '* '* Function IsGroupMember() '* Purpose : Determines if the specified object is a member of the '* specified group. '* Input ..: UserOrComputerDN - [String] The distinguished name of '* the user or computer to check. '* GroupName - [String] The name of the group to '* check membership of. '* Output .: True - The user is a member. '* False - The user is not a member, the group does not '* exist, or the user does not exist. '* '******************************************************************** Function IsGroupMember(ByVal UserOrComputerDN, ByVal GroupName) On Error Resume Next Dim iRet Dim objUserOrComputer Dim objGroup Dim sGroup Dim colGroups iRet = False 'Bind user or computer AD object. Set objUserOrComputer = GetObject("LDAP://" & UserOrComputerDN) If ((Err.Number = 0) And (IsObject(objUserOrComputer))) Then 'Get the collection of groups the object is a member of. colGroups = objUserOrComputer.MemberOf If (Not IsEmpty(colGroups)) Then If (TypeName(colGroups) = "String") Then 'User is a member of only one group. Set objGroup = GetObject("LDAP://" & colGroups) If ((Err.Number = 0) And (IsObject(objGroup))) Then If (LCase(objGroup.CN) = LCase(GroupName)) Then iRet = True End If End If Else 'Object is a member of multiple groups. 'Iterate through the groups the user is a member of and see 'if any of them match the specified group. For Each sGroup In colGroups Set objGroup = GetObject("LDAP://" & sGroup) If ((Err.Number = 0) And (IsObject(objGroup))) Then If (LCase(objGroup.CN) = LCase(GroupName)) Then iRet = True Exit For End If End If Next End If End If End If 'Dispose objects and return. Set objGroup = Nothing Set objUserOrComputer = Nothing IsGroupMember = iRet End Function
Adjust PrinterX for Printer1 or Printer2 depending on which you want setting as default or whatever, also you need to adjust the userDN ( LDAP path ) for your computers OU
Set WshNetwork = CreateObject("WScript.Network")
Dim userDN Dim Printer1, Printer2
Printer1 = "Printer1"
Printer2 = "Printer2"
userDN = "CN=John Doe,OU=My Division,DC=fabrikam,DC=com"
If IsGroupMember(userDN, Printer1) Then
If IsGroupMember(userDN, Printer2) Then
Thanks for that, I will give it a go later this week when I am back in the office and let you know.