Batch scripting Windows 7

[truotsuko]

The code below is what I have currently,

NET USE G: \\Fileserver1\SHARE\AllShare /PERSISTENT:No
IF ERRORLEVEL 1 (
ECHO Error mapping drive G:
)

NET USE H: \\Fileserver1\SHARE\Management /PERSISTENT:No
IF ERRORLEVEL 1 (
ECHO Error mapping drive H:
)

NET USE I: \\Fileserver1\SHARE\Security /PERSISTENT:No
IF ERRORLEVEL 1 (
ECHO Error mapping drive H:
)

The scenario is this, I want this script to run at logon but the user it is running for does not need or have access to \\Fileserver1\SHARE\Security but since there are multiple users some with need to the path, I want to use this as a generic script that assigns permissions only to users who have NFS permissions. The problem is once it gets to a user that doesn't have rights it pauses and asks for a password, I would like it to muscle through mapping only the drives that each user has permissions to and not stopping on ACL denying access...

 

[Jason Light]

Is a batch script really necessary? I don't have much experience with NFS, but I think group policy can do it if you are on a pro / ultimate / enterprise version of windows.

 

[apache_lives]

perhaps try a generic net use for the server (net use \\fileserver1 /persistent:no) followed by a logic check (if /i exist \\fileserver\share\security\TESTFILE.TXT echo SECURITY IS ACCESSIBLE)

You could also call on some variables for assistance (if /i %USERNAME% equ ADMINISTRATOR net use \\fileserver1 /persistent:no) (could also use %COMPUTERNAME% etc)

You could also specify specific usernames and passwords (net use \\fileserver1\share\security /user:administrator password /persistent:no)

hopefully something here will help

 

[hang-the-9]

Is this on a domain or just a workgroup setup?
If a domain, the script should run on the server and you just need to setup groups that the script runs for so you can add whoever needs permissions to the group.

 

[truotsuko]

This is on a domain so the security groups that are called are on the domain level. In essence I simply want an array of all the shares that are available (say 10) but only to have those drives be assigned on a per user (security group membership) assigned, the issue I am running into is once I get to a path that the user does not have access to the script pauses and asks for a password, I would like for it to continue and disregard that question.

 

[truotsuko]

Is a batch script really necessary? I don't have much experience with NFS, but I think group policy can do it if you are on a pro / ultimate / enterprise version of windows.

User Configuration changes are disabled by higher level admins...

 

[truotsuko]

How about using the "ifmember" utility, I would like to but alas the syntax fails me, I picked a group that I am not a member of but assigned drives that I do have access to, based on my understanding the script should not run, but it does. any assistance is appreciated.

 

[Dragonburn]

would it be easier to use customised scripts for each security group, so that you can eliminate the password issue by omitting the unnecessary share for the groups that it is not required? might be a bit more work, but would get around the issue, as there is nothing I can see that will get around asking for a password, because the script is trying to give access to something that is not at the correct privilege level, hence the password popup.

 

[truotsuko]

I figured out the appropriate syntax (see below)...

NET USE G: /DELETE /Y
NET USE H: /DELETE /Y
NET USE I: /DELETE /Y
NET USE J: /DELETE /Y
NET USE K: /DELETE /Y
NET USE L: /DELETE /Y
NET USE M: /DELETE /Y
NET USE N: /DELETE /Y
NET USE O: /DELETE /Y
NET USE T: /DELETE /Y
NET USE Q: /DELETE /Y
NET USE R: /DELETE /Y
NET USE S: /DELETE /Y

ifmember "neasa\Security Group 1" || net use G: \\Server\SHARE\Folder1 /PERSISTENT:No

ifmember "neasa\Security Group 2" || net use H: \\Server\SHARE\Folder2 /PERSISTENT:No

ifmember "neasa\Security Group 3" || net use I: \\Server\SHARE\Folder3 /PERSISTENT:No

ifmember "neasa\Security Group 4" || net use J: \\Server\SHARE\Folder4 /PERSISTENT:No

ifmember "neasa\Security Group 5" || net use K: \\Server\SHARE\Folder5 /PERSISTENT:No

ifmember "neasa\Security Group 6" || net use L: \\Server\SHARE\Folder6 /PERSISTENT:No

ifmember "neasa\Security Group 7" || net use M: \\Server\SHARE\Folder7 /PERSISTENT:No

ifmember "neasa\Security Group 8" || net use N: \\Server\SHARE\Folder8 /PERSISTENT:No

ifmember "neasa\Security Group 9" || net use O: \\Server\SHARE\Folder9 /PERSISTENT:No

ifmember "neasa\Security Group 10" || net use Q: \\Server\SHARE\Folder10 /PERSISTENT:No

ifmember "neasa\Security Group 11" || net use R: \\Server\SHARE\Folder11 /PERSISTENT:No

ifmember "neasa\Security Group 12" || net use S: \\Server\SHARE\Folder12 /PERSISTENT:No

This is not the prettiest solution because as shares increase we run out of drive letters but for a relatively low tech solution I think it will work in the absence of a Domain level fix...