PeterAtkin Posted May 27, 2010 Posted May 27, 2010 (edited) I decided to learn autoscript because.... To make my life easier, so through the months that I been leaching from these forums without any remorse I thought its time that I try and put some stuff back.I run an IT company in Uganda (Africa) Computer Facilities so these scripts are more functional than anything else, their well tested for use with XP, Vista and Windows 7 so far have not given me any issues, that been said I'm no expert and if anyone wants to tidy these up and make useful suggestions I'm more than happy.Some of the scripts that I have done are Windows Vista 7 OEM editor (aimed at institutions like mine who do a lot of basic setups) , Auto silent install for various programmes (for use in clean install / basic setup a real time and manpower saver), AD logon script, some security related scripts that I'm still working on, will post as and when..I'm not very good at documenting but any sensible questions I am very happy to answer. Main points of this script (domain logon) are:- Most customisation can be easily done from the logon script with the [settings] section. - Will display .bmp (splash), automatically centre picture no size limitation, just make sure it can fit on the screen, useful for basic client customisation. - Fully configurable .ini file where most common setting can be edited without the need for programming knowledge, similar syntax as you would use in a batch file.- Group centric, add shares and printers on a AD group bases- User centric, add shares and printers on a AD user bases- Basic cleanup of PC when scripts starts, temp files, ie cache, recycle bins- RDP, ncomputing session aware- Excellent diagnostics and information pages as well as all errors been reported to the event logs under applications- Can map none windows device shares in Vista or Windows 7, e.g uses IP instead of UNC names (Problem/Bug with Vista and Windows 7)- Welcome can be verbal (just a bit of fun)- Easy to deploy on almost any size AD network.- Will run on XP, Vista and Windows 7 32bit Client OS, but not on Server OS's (deliberately)- Designed for use with Windows 2003/8 (R2 included) servers, may run on 2000 but have not tested.- Test for known malware or unwanted running process, again all read from a separate .ini file- Will recreate the basic .ini and .bmp files required should they not be present in the script directory.The script is group ans user centric which means that printers and shares are done at the group and user level.this file is the vars.ini file that I use, it the basic config file that the main script uses.var.ini [Computer Facilities]url = www.computer-facilities.come-mail = support@computer-facilities.comtel = 0414-533784[Group Printers]; Group = Printer \\host\printer share nameDomain Users = \\dc-pri-cfu\hp4250nCore = \\dc-pri-cfu\hp4700n[Domain Users]p: = \\NSA-Core\Public[core]; drive and share in this format x: = \\host\sharex: = \\NSA-Core\coreq: = \\NSA-Core\quickbookst: = \\NSA-Core\clientsu: = \\NSA-Core\suppliersn: = \\NSA-Core\localcoms[engineers]s: = \\NSA-Core\sourcew: = \\NSA-Core\quotewerks[Domain Admins]s: = \\NSA-Core\sourcer: = \\dc-pri-cfu\Remote Installs[peter]k: = \\temp\downloadj: = \\temp\workm: = \\temp\music[Groups]; as default a global group is used that should have all users that are allowed to use this script in.; the default group name is the 'Domain Users' this group will also need to be added within this as per groups below.1 = Domain Users2 = core3 = Domain Admins4 = Engineers5 = quoteworks[settings]; Verble welcome but is switched off when in 'RDP' or 'nComputing' sessionvoice_welcome = Yeshomebase = \\NSA-Core\userhomebase_drive = h:homebase_post =tempfile_clean = YesIE_clean = Yesempty_bins = YesCompany = Computer FacilitiesSplash = NoDiags = 0post_msg = e-mail support@computer-facilities.com or call 0414-533784detect_processes = YesScript needs to be complied and then run from netlogon directory on the server with the vars.ini file in the same directory.malware.ini [Malware]$sys$DRMServer.exe = XCP DRMafinding.exe = AdClientDl AAntiVirGear 3.8.exe = AntiVirGearantvrs.exe = Win32/SillyDl.EMXAUTOUPDATE.EXE = AproposMediaav2009.exe = Spyware Antivirus 2009B2BUpdate.exe = B2BUpdatebargains.exe = Bargain BuddyBLOCK-CHECKER.EXE = BLOCK-CHECKERBO1HEL~1.EXE = Butterfly Oasis Screensav...CDProxyServ.exe = XCP.Sony.Rootkitcmesys.exe = GAIN / Gatorcool.exe = cool.execproc.exe = cproc.execrss.exe = Part of W32.AGOBOT.GH Crss.exe is a process forming part of the W32.AGOBOT.GH wormctfmon.exe = ctfmon.exe - threatCXTPLS.EXE = AproposMediaDateManager.exe = Gator adwareDC6cw.exe = DC6cwdcmon.exe = SystemDoctor 2006 Freedcsm.exe = DriveCleanerdesktop.exe = Desktop Searchdllhost.exe = Possible VirusDNSE.exe = DriveCleaner FreeDSSAGENT.EXE = Broderbund DSSagentflashget.exe = FlashGetFreezeScreenSaver.exe = FreezeScreenSavergamevance32.exe = Gamevanceicmntr.exe = Zlob TrojanIcon.exe = icon.exeistsvc.exe = IST adware/hijackerlsasss.exe = W32/Sasser.E Wormlssas.exe = Optix.Pro trojanm3IMPipe.exe = MyWebSearchmrofinu1188.exe = VirusprotectPromrofinu572.exe = Trojan-Downloader.Win32.A...msasvc.exe = Microsoft authenticate se...msnmsgr.exe = Win32.Agobot.AGMnvcpl.exe = Part of W32.SpyBot.S Worm Nvcpl.exe is a process which is registered as the W32.SpyBot.Sqttask.exe = Win32.Drugtobrlvknlg.exe = Relevant Knowedgescvhost.exe = Part of W32/Agobot-S virus The scvhost.exe file is a component of the W32/Agobot-S virusSearchSettings.exe = Search Settingsslsk.exe = soulseeksoproc.exe = soprocSrv.exe = Zango Search AssistantStillMnt.exe = StillMnt.exestm.exe = PCPrivacy Tool (CA)stopthepop.exe = stopthepopspooldr.sys = The Trojan.Packed.13 is a malicious process that is distributed through Glossary Link spam known as Peacomm.strpmon.exe = SafePCTool (CA)svdhost.exe = Win32/Lioten.GGsvehost.exe = WORM_SPYBOT.Hsvhost.exe = Part of W32.Mydoom.I@mm Svhost.exe is a process which is associated with the W32.Mydoom.I@mm wormsvrse.exe = W32/IRCbot.gen.a!a38744c9...Sync.exe = WhenU ClockSynctbon.exe = Best OffersTSADBOT.EXE = Conducentudcpas.exe = DriveCleanerudcsdr.exe = DriveCleanerUSS.exe = USS.exe TrojanVistaDrive.exe = VistaDriveWeatherStudio Desktop.exe = WeatherStudio Desktopwebbuying.exe = Web Buyingwebrebates.exe = Win32.Agent.bfwfxcwr.exe = WinFixerwfxqhv.exe = wfxqhv.exewhagent.exe = Webhancerwhse.exe = WhenUsearch BarwhSurvey.exe = WebHancerwinable.exe = TROJ_AGENT.AAWZWinAV.exe = Win32/WinSoftware.WinAnti...windupd.exe = Downloader.Bancos!genWinForm.exe = Adware, WinForm.exe and WinFormKeep.exe run togetherWinFormKeep.exe = Adware, WinForm.exe and WinFormKeep.exe run togetherwinlog.exe = W32/Agobot-LFwinsys2.exe = winsys2wserving.exe = AdClientDl AWSup.exe = HuntBarWToolsA.exe = HuntBarWToolsS.exe = HuntBarXhrmy.exe = LinkTracker spywarexpupdate.exe = xpupdate.exexpuupdate.exe = Oneraw BNzango.exe = Zango / 180SearchZangoSA.exe = Zango Search AssistantZbSrv.exe = ZangoIf you want to use autoit none complied running on a windows server platform then see Use AutoIT as a Windows Login Script this will point you in the right direction.ToDo..- Tidy up script (always present)- A better way to do the Progress bar :Ver. 1.1.0.17- Better Error control for drives / hosts that are not present :Ver. 1.0.0.10- Redo .ini file parameters to give more flexibility : Ver. 1.1.0.16- Redo the .ini file arrays so array are read into memory first then referenced from memory not the .ini file. :Ver. 2.0.0.0- Redo network printer function to allow more than one printer per AD group :Ver. 2.0.0.0- Add facility to delete all printers (not as easy as it sounds)- detect if computer and/or user is newly joined to the domain- Add internal e-mail support for error messages- Add log files to replace diags mode. : Ver. 2.0.0.2- silent install of main applications if not present on client system (already done as a separate app, now need to integrate it)Dependencies and Versions:- Logon V2 :This is a rewrite where most of the .ini file read routines were redone to allow them to be run from memory instead of disk, increased speed of the logon script tremendously.- Autoit 3.3.6.1: http://www.autoitscript.com/autoit3/downloads.shtmlExternal UDF's Required- AD .40: http://www.autoitscript.com/forum/index.php?showtopic=106163- Log 1.0: http://www.autoitscript.com/forum/index.php?showtopic=119032Must Reads- Vista Windows 7 none issues when mapping to none windows storage devices, you will need to edit your GPO?http://social.technet.microsoft.com/Foru...ead/4606ad12-1f23-4231-8597-8e515422d57d Version 2.0.0.2 (18 Sept 2010)Put the below files in a directory named [files] you will also need the above .ini files put into the same before compiling.logon.au3cfu_logo.bmpfavicon.icoFully compiled version for those that want it...logon.exeAccreditation's and References:- Drive mapping: http://www.autoitscript.com/forum/index....ic=110567&st=0&gopid=776497&#entry776497- User Profile Type: http://www.autoitscript.com/forum/index.php?showtopic=113711- Splash Screen: http://www.autoitscript.com/forum/index.php?showtopic=115441- IP Stuff: http://www.autoitscript.com/forum/index....l=IP%20gateway&fromsearch=1&#entry625302- IP Stuff: http://www.autoitscript.com/forum/index....ic=109887&st=0&gopid=772563&#entry772563- IP Stuff: http://msdn.microsoft.com/en-us/library/aa394217(VS.85).aspx- Malware Scanner: http://www.autoitscript.com/forum/index.....ic=87144&st=0&gopid=827573&#entry827573- Generic Array: http://www.autoitscript.com/forum/index....ic=119057&st=0&gopid=827940&#entry827940Normal Terms of usage just make sure that if you use my code/script to credit me and others that are relevant! Keeps me amused and makes me feel wanted.. Edited September 18, 2010 by PeterAtkin [topic='115020'] AD Domain Logon Script[/topic]
water Posted May 27, 2010 Posted May 27, 2010 Just had a quick look at the AD stuff.You do _AD_Open (line 64) and _AD_Close (line 97) and then you call _ifmember (line 98) that itself does _AD_Open and _AD_close again. Move line 98 before line 97 and remove _AD_Open and _AD_Close from function _ifmember. Gives a bit more speed.Line 73: cannot use 'domain users' ... That's true you can't check membership for this group as this is the primary group for a user and always empty. You can check the primary groups like this:_AD_IsMemberOf("domain users", @UserName, True)This checks if the user is a member of the specified group. If this returns false then the primary group of the user is checked.make sure your usergroups do not have groups within as they seem not to be read ... In this case you have to do recursive checking of membership. Use _AD_RecursiveGetMemberOf instead. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
PeterAtkin Posted May 27, 2010 Author Posted May 27, 2010 (edited) Wow thanks for the info very useful.. Edited September 6, 2010 by PeterAtkin [topic='115020'] AD Domain Logon Script[/topic]
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now