Pedro Sousa

In Windows NT/2000 networks, logon scripts can enable administrators to standardize the computing environment on client machines, quickly brand updates and changes to machines throughout the network, and perform other actions to automate network tasks. In this article, nosotros will expect at some of the variables that brand logon scripts and then valuable and give some examples of both simple and advanced logon scripts.

Understanding logon scripts
By Microsoft's definition, an ambassador can utilise logon scripts to automate tasks that will be performed whenever a particular user or a fellow member of a particular grouping logs on to a computer organization connected to a Windows NT/2000 domain. These scripts tin can use Windows environmental variables and can also call other scripts or executable programs. Logon scripts are often used to map network drives, start background processes, and initialize various options in the user surroundings.

Logon scripts are typically created with a text editor and must be saved in specific directories on Windows NT 4.0 servers and Windows 2000 servers. For Windows NT, you need to salve the logon script on a principal domain controller in the directory \winnt\system32\repl\import\scripts. For Windows 2000, you can save the script on any domain controller in the directory \winnt\sysvol\domain\scripts.

If you're totally new to logon scripts, I would also recommend checking out these resource:

  • "Simplifying network options through logon scripts"
  • "NetAdmin scripting primer" (download)
  • Microsoft Windows 2000 Server Documentation

Simple logon script examples
Allow's look at some examples of simple logon scripts. We're going to look at tasks such equally mapping network drives, mapping network printers, and synchronizing with time servers. The post-obit example covers these three tasks:

internet employ y: \\srvpdc\information

net utilise LPT1: \\srvpdc\printer1

net time \\svrpdc /gear up /aye

In this example, we've mapped bulldoze Y: on the local machine to a network share called data on our main server, SRVPDC. We've mapped printer1 to LPT1 on the local PC. We've too synchronized the time setting on the PC with the time server, too SRVPDC.

Simply what about tasks that need to be done simply to some users or groups in detail? Y'all can address that by using provisional statements that run specific commands depending on the user or group. Let'due south look at ii examples:

If %USERNAME%=Administrator internet use z: \\srvpdc\admtools

If ifmember.exe "HR" net use t: \\srvpdc\60 minutes

In the start example, we've mapped the drive admtools only to the user Administrator. In the second example, we've mapped a share called hr to our human resources group based on the output of a tool called ifmember.exe, which you tin can find in the Microsoft Windows 2000 Resource Kit.

Logon script options
You tin can notice the logon script options described in depth in the article "Simplifying network options through logon scripts" (recommended in a higher place), but hither's a brusk summary of some of the near useful variables:

  • %USERNAME%—Displays the proper noun of the user who's currently logged on
  • %USERDOMAIN%—Displays the name of the domain that the user is currently logged on to
  • %HOMEDRIVE%—Displays the logged-on user'due south dwelling drive assault the Computer Management Tool
  • %HOMEPATH%—Displays the path of the user'due south home directory
  • %HOMESHARE%—Displays the share name of the user'due south domicile directory
  • %PROCESSOR%—Displays the blazon of processor in the user's PC
  • %OS%—Displays the operating system the user is using

Allow's wait at some examples of some of these variables:

net use h: /home /user:%USERNAME%

if "%OS%" == "Windows_NT"

The first example uses the %USERNAME% variable to map a home share using the username of the logged-on user. The 2nd one verifies the user'due south operating system, which can be used to utilise (or not apply) a service pack in a mixed-style environment, as we volition see in the side by side example.

Advanced logon script examples
Let'south take our last instance and run across how we can employ logon scripts to update our service packs or our antivirus definitions.

A service pack update script would look similar this:

if "%OS%" == "Windows_NT" goto NT_OS
if ErrorLevel 1 goto END

:NT_OS

net apply /delete W:
net apply Due west: \\srvpdc\service
W:
cd nt4sp6
update -u -f -northward -o
cyberspace use /delete W:

:End

In this script, nosotros verify the %Bone% to meet if the user is logged on to a Windows NT machine. After that, nosotros fix a network share on the user'southward machine that we want to map the service pack share to. Finally, we run the service pack.

At present let'southward take a look at the following script for an antivirus definition update:

internet use five: \\srvpdc\virus$ /yeah

if exist "c:\vupdate" goto :adjacent
md "c:\vupdate"

:side by side

if exist "c:\vupdate\vupdate.exe" deltree /y "c:\vupdate\vupdate.exe"
cls

if not exist "C:\Program Files\AntiVirus\plan.exe" goto :END

if exist "c:\vupdate\march16.txt" goto :Stop

goto :update

:update

deltree /y  "c:\vupdate\*.*"
copy 5:\march16.txt c:\vupdate
copy v:\vupdate.exe c:\vupdate

cls

echo _______________________________________________
echo   -=YOUR VIRUS DEFINITIONS ARE OUT OF DATE=-
repeat           -=AND Will NOW BE UPGRADED=-
echo _______________________________________________
ECHO _______________________________________________
echo            -==== INFORMATION ====-
echo   -=YOUR VIRUS SOFTWARE IS Now Upward TO DATE=-
ECHO             -=Retrieve=-
Repeat              -=DO A Full SCAN=-
ECHO -=HOWTO: OPEN THE ANTI-VIRUS PROGRAM, HIT "Become"=-
Repeat _______________________________________________
Pause
start  "c:\vupdate\vupdate.exe"

GOTO :Finish


:END

This case uses a different strategy. We start past mapping a network share that contains the software update. And then, we see whether the user already has a binder with the update. If and so, nosotros delete information technology. After that, nosotros bank check to come across whether the user has the antivirus plan installed and has the current update. If non, nosotros copy the files to the local machine and run the update. Nosotros know that we could run the update from the remote share, only this is a fashion to ensure that we utilize the correct update and that we simply practise information technology in one case.

Determination
Logon scripts are a simple way of automating many network administration tasks. In this article, nosotros have shown y'all a lilliputian flake of the power of these scripts. In my next article, nosotros'll look at how to build even more powerful scripts using Windows Script Host.
We look forward to getting your input and hearing your experiences regarding this of import topic. Bring together the discussion below or send the editor an e-mail.