IONCom

Profile Information

  • Location
    VA, USA
  • WWW
    http://www.IONCom.com

  1. Thanks Chad. I was looking at that, but was not sure of how to utilize it properly. Do you know how I can loop through the function cleanly? For the utility to work it needs a line for each account, privilege and computer to be written in the CMD file to be run. So I would have to start with account #1/cpu #1, then account #2/cpu #1, account #3/cpu #1. When all accounts are done, then start: account #1/cpu #2, then account #2/cpu #2, account #3/cpu #2 and so on, until all accounts have been married with all CPUs. Ex:

         NTRights -u "Account1" -m Machine1 +r SeBatchLogonRight
         NTRights -u "Account1" -m Machine1 +r SeNetworkLogonRight
         NTRights -u "Account2" -m Machine1 +r SeBatchLogonRight
         NTRights -u "Account2" -m Machine1 +r SeNetworkLogonRight
         NTRights -u "Account1" -m Machine2 +r SeBatchLogonRight
         NTRights -u "Account1" -m Machine2 +r SeNetworkLogonRight
         NTRights -u "Account2" -m Machine2 +r SeBatchLogonRight
         NTRights -u "Account2" -m Machine2 +r SeNetworkLogonRight

     I have not seen an include that does this, so I am relying on the utility to produce the commands in a repeatable process so they can be applied or reapplied as needed and tracked through the enterprise. I am doing it this way since GPOs applying the global accounts override the application-specific seeds that they add, like SQL and IIS. This way I don't mess up any mission-critical apps but can still deploy the rights our enterprise needs.
  2. I am attempting to add two input fields to this form to accept cut and paste of multiple entries, one per line, to parse through the 2 boxes and then generate the code needed. Currently it works perfectly with single entries in each box, but to make it really useful would be to allow for either cut/paste or reading a text file to help generate the scripts. Below is the current code I have. The utility uses the Microsoft utility NTRights.exe to work. I was unable to attach the file, so I apologize.

         #region ;**** Directives created by AutoIt3Wrapper_GUI ****
         #AutoIt3Wrapper_Icon=..\..\ICONS\CNFNOT.ICO
         #AutoIt3Wrapper_Res_Description=Created to Manually add Local Security rights to servers
         #AutoIt3Wrapper_Res_Fileversion=1.0.0.0
         #AutoIt3Wrapper_Res_LegalCopyright=Brian Foster - ION Communications
         #endregion ;**** Directives created by AutoIt3Wrapper_GUI ****
         #include <buttonconstants.au3>
         #include <comboconstants.au3>
         #include <editconstants.au3>
         #include <guiconstantsex.au3>
         #include <staticconstants.au3>
         #include <tabconstants.au3>
         #include <windowsconstants.au3>
         #include <constants.au3>

         ;Add Utility file to script
         FileInstall("C:\Scripts\AddServiceRigths\NTRights.exe", @ScriptDir & "\NTRights.exe")

         #region ### START Koda GUI section ### Form=c:\scripts\addservicerigths\form1.kxf
         $SecurityRights = GUICreate("Security Rights", 657, 403, 192, 114)
         GUISetBkColor(0xD4D0C8)
         $AccountName = GUICtrlCreateInput("AccountName", 16, 72, 193, 21)
         $MachineName = GUICtrlCreateInput("MachineName", 272, 72, 225, 21)
         $RightsList = GUICtrlCreateTab(16, 104, 473, 233)
         $TabSheet1 = GUICtrlCreateTabItem("Logon Privileges")
         $SeBatchLogonRight = GUICtrlCreateCheckbox("Log on as a batch job", 32, 144, 153, 17)
         $SeInteractiveLogonRight = GUICtrlCreateCheckbox("Log on locally", 32, 200, 129, 17)
         $SeDenyInteractiveLogonRight = GUICtrlCreateCheckbox("Deny local logon", 32, 224, 121, 17)
         $SeServiceLogonRight = GUICtrlCreateCheckbox("Logon as a service ", 32, 264, 129, 17)
         $SeDenyServiceLogonRight = GUICtrlCreateCheckbox("Deny logon as a service", 32, 288, 145, 17)
         $SeNetworkLogonRight = GUICtrlCreateCheckbox("Access this Computer from the Network", 208, 168, 217, 17)
         $SeDenyNetworkLogonRight = GUICtrlCreateCheckbox("Deny Access to this computer from the network", 208, 192, 265, 17)
         $SeRemoteInteractiveLogonRight = GUICtrlCreateCheckbox("Allow logon through Terminal Services", 208, 264, 241, 17)
         $SeDenyRemoteInteractiveLogonRight = GUICtrlCreateCheckbox("Deny logon through Terminal Services", 208, 288, 217, 17)
         $Label1 = GUICtrlCreateLabel("The Following are not supported on Windows 2000", 208, 240, 245, 17)
         GUICtrlSetFont(-1, 8, 400, 4, "MS Sans Serif")
         GUICtrlSetColor(-1, 0x800000)
         $SeDenyBatchLogonRight = GUICtrlCreateCheckbox("Deny logon as a batch job", 32, 168, 129, 17)
         $SeDebugPrivilege = GUICtrlCreateCheckbox("Debug programs", 208, 145, 129, 17)
         $TabSheet2 = GUICtrlCreateTabItem("SysAdmin Privileges")
         $SeAuditPrivilege = GUICtrlCreateCheckbox("Generate security audits ", 32, 144, 185, 17)
         $SeSecurityPrivilege = GUICtrlCreateCheckbox("Manage auditing and security log", 32, 170, 185, 17)
         $SeBackupPrivilege = GUICtrlCreateCheckbox("Backup files and directories", 32, 194, 185, 17)
         $SeMachineAccountPrivilege = GUICtrlCreateCheckbox("Add workstations to the domain", 32, 218, 185, 17)
         $SeShutdownPrivilege = GUICtrlCreateCheckbox("Shut down the system ", 32, 242, 185, 17)
         $SeRemoteShutdownPrivilege = GUICtrlCreateCheckbox("Force shutdown from a remote system", 32, 266, 209, 17)
         $SeCreatePagefilePrivilege = GUICtrlCreateCheckbox("Create a pagefile", 32, 290, 185, 17)
         $SeIncreaseQuotaPrivilege = GUICtrlCreateCheckbox("Increase quotas", 257, 146, 185, 17)
         $SeRestorePrivilege = GUICtrlCreateCheckbox("Restore files and directories", 257, 172, 185, 17)
         $SeSystemTimePrivilege = GUICtrlCreateCheckbox("Change the system time", 257, 196, 185, 17)
         $SeManageVolumePrivilege = GUICtrlCreateCheckbox("Manage the files on a volume (XP Only)", 257, 220, 217, 17)
         $SeTakeOwnershipPrivilege = GUICtrlCreateCheckbox("Take ownership of files/objects", 257, 244, 185, 17)
         $SeUndockPrivilege = GUICtrlCreateCheckbox("Remove computer from docking station", 257, 268, 225, 17)
         $SeEnableDelegationPrivilege = GUICtrlCreateCheckbox("Enable computer/user accounts to be trusted for delegation", 257, 290, 185, 33, BitOR($GUI_SS_DEFAULT_CHECKBOX, $BS_MULTILINE))
         GUICtrlSetResizing(-1, $GUI_DOCKAUTO + $GUI_DOCKTOP + $GUI_DOCKBOTTOM + $GUI_DOCKHEIGHT)
         $TabSheet3 = GUICtrlCreateTabItem("Service Privileges")
         $SeCreatePermanentPrivilege = GUICtrlCreateCheckbox("Create permanent shared objects", 32, 152, 193, 17)
         $SeCreateTokenPrivilege = GUICtrlCreateCheckbox("Create a token object", 32, 176, 209, 17)
         $SeAssignPrimaryTokenPrivilege = GUICtrlCreateCheckbox("Replace a process-level token", 32, 200, 177, 17)
         $SeImpersonatePrivilege = GUICtrlCreateCheckbox("Impersonate a client after authentication", 32, 224, 217, 17)
         $SeIncreaseBasePriorityPrivilege = GUICtrlCreateCheckbox("Increase scheduling priority", 32, 248, 225, 17)
         $SeTcbPrivilege = GUICtrlCreateCheckbox("Act as part of the operating system ", 272, 152, 201, 17)
         $SeProfileSingleProcessPrivilege = GUICtrlCreateCheckbox("Profile a single process", 272, 176, 185, 17)
         $SeLoadDriverPrivilege = GUICtrlCreateCheckbox("Load and unload device drivers", 272, 200, 201, 17)
         $SeLockMemoryPrivilege = GUICtrlCreateCheckbox("Lock pages in memory", 272, 224, 201, 17)
         $SeCreateGlobalPrivilege = GUICtrlCreateCheckbox("Create global objects", 272, 248, 193, 17)
         $TabSheet4 = GUICtrlCreateTabItem("Misc. Privileges")
         $SeChangeNotifyPrivilege = GUICtrlCreateCheckbox("Bypass traverse checking", 32, 160, 161, 17)
         $SeSyncAgentPrivilege = GUICtrlCreateCheckbox("Synch directory service data", 32, 192, 161, 17)
         $SeSystemEnvironmentPrivilege = GUICtrlCreateCheckbox("Edit firmware environment values", 32, 224, 225, 17)
         $SeSystemProfilePrivilege = GUICtrlCreateCheckbox("Profile system performance", 32, 256, 177, 17)
         GUICtrlCreateTabItem("")
         $RUN = GUICtrlCreateButton("RUN File", 24, 352, 81, 25)
         GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
         GUICtrlSetColor(-1, 0x008000)
         $EXIT = GUICtrlCreateButton("EXIT", 392, 352, 81, 25)
         GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
         GUICtrlSetColor(-1, 0x800000)
         $Label2 = GUICtrlCreateLabel("Enter Account name to grant rights to:", 16, 40, 221, 17)
         GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
         $Label3 = GUICtrlCreateLabel("Domain\username(group) ", 16, 56, 150, 17)
         GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
         $Label4 = GUICtrlCreateLabel("Enter remote Machine Name or LocalHost", 272, 56, 240, 17)
         GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
         $Generate = GUICtrlCreateButton("Generate File", 168, 352, 121, 25)
         GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
         GUICtrlSetColor(-1, 0x000080)
         $Privileges = GUICtrlCreateCombo("GRANT Privilege", 496, 176, 129, 25, BitOR($CBS_DROPDOWN, $CBS_AUTOHSCROLL))
         GUICtrlSetData(-1, "REMOVE Privilege")
         GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
         GUICtrlSetColor(-1, 0x0000FF)
         GUICtrlSetBkColor(-1, 0xECE9D8)
         $Label5 = GUICtrlCreateLabel("Select to ADD/ REMOVE", 496, 152, 147, 17)
         GUICtrlSetFont(-1, 6, 800, 4, "MS Sans Serif")
         GUISetState(@SW_SHOW)
         #endregion ### END Koda GUI section ###

         Dim $File

         ; Main message loop: generate the CMD file, optionally run it, clean up on exit
         While 1
             $nMsg = GUIGetMsg()
             Switch $nMsg
                 Case $GUI_EVENT_CLOSE
                     FileDelete(@ScriptDir & "\NTRights.exe")
                     Exit
                 Case $RUN
                     _CREATEFile()
                     ; Run the generated CMD file and capture its output in a .log beside it
                     $Line = '"' & $File & '" >"' & $File & ".log" & '"'
                     RunWait($Line, "", @SW_HIDE)
                     FileDelete($File)
                     MsgBox("", "Log File has been saved as: ", $File & ".log")
                 Case $EXIT
                     FileDelete(@ScriptDir & "\NTRights.exe")
                     Exit
                 Case $Generate
                     _CREATEFile()
                     MsgBox("", "File Save Location", "Your File has been saved to: " & @CRLF & @CRLF & $File)
             EndSwitch
         WEnd

         ; Writes one NTRights line per ticked right for the account and machine entered
         Func _CREATEFile()
             Dim $Priv
             $User = GUICtrlRead($AccountName)
             $CPU = GUICtrlRead($MachineName)
             If $User = "AccountName" Then MsgBox("", "Change Account Name", "Please Change the Account Name before continuing")
             If $CPU = "MachineName" Then MsgBox("", "Change Machine Name", "Please change the Machine Name before continuing")
             ; +r grants the right, -r removes it
             If GUICtrlRead($Privileges) = "GRANT Privilege" Then
                 $Priv = "+r"
             Else
                 $Priv = "-r"
             EndIf
             $File = @MyDocumentsDir & "\" & $CPU & "_" & @MSEC & ".CMD"
             $Writefile = FileOpen($File, 1)
             If GUICtrlRead($SeBatchLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeBatchLogonRight")
             If GUICtrlRead($SeInteractiveLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeInteractiveLogonRight")
             If GUICtrlRead($SeDenyInteractiveLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeDenyInteractiveLogonRight")
             If GUICtrlRead($SeServiceLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeServiceLogonRight")
             If GUICtrlRead($SeDenyServiceLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeDenyServiceLogonRight")
             If GUICtrlRead($SeNetworkLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeNetworkLogonRight")
             If GUICtrlRead($SeDenyNetworkLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeDenyNetworkLogonRight")
             If GUICtrlRead($SeRemoteInteractiveLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeRemoteInteractiveLogonRight")
             If GUICtrlRead($SeDenyRemoteInteractiveLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeDenyRemoteInteractiveLogonRight")
             If GUICtrlRead($SeDenyBatchLogonRight) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeDenyBatchLogonRight")
             If GUICtrlRead($SeDebugPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeDebugPrivilege")
             If GUICtrlRead($SeAuditPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeAuditPrivilege")
             If GUICtrlRead($SeSecurityPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeSecurityPrivilege")
             If GUICtrlRead($SeBackupPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeBackupPrivilege")
             If GUICtrlRead($SeMachineAccountPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeMachineAccountPrivilege")
             If GUICtrlRead($SeShutdownPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeShutdownPrivilege")
             If GUICtrlRead($SeRemoteShutdownPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeRemoteShutdownPrivilege")
             If GUICtrlRead($SeCreatePagefilePrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeCreatePagefilePrivilege")
             If GUICtrlRead($SeIncreaseQuotaPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeIncreaseQuotaPrivilege")
             If GUICtrlRead($SeRestorePrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeRestorePrivilege")
             If GUICtrlRead($SeSystemTimePrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeSystemTimePrivilege")
             If GUICtrlRead($SeManageVolumePrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeManageVolumePrivilege")
             If GUICtrlRead($SeTakeOwnershipPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeTakeOwnershipPrivilege")
             If GUICtrlRead($SeUndockPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeUndockPrivilege")
             If GUICtrlRead($SeEnableDelegationPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeEnableDelegationPrivilege")
             If GUICtrlRead($SeCreatePermanentPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeCreatePermanentPrivilege")
             If GUICtrlRead($SeCreateTokenPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeCreateTokenPrivilege")
             If GUICtrlRead($SeAssignPrimaryTokenPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeAssignPrimaryTokenPrivilege")
             If GUICtrlRead($SeImpersonatePrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeImpersonatePrivilege")
             If GUICtrlRead($SeIncreaseBasePriorityPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeIncreaseBasePriorityPrivilege")
             If GUICtrlRead($SeTcbPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeTcbPrivilege")
             If GUICtrlRead($SeProfileSingleProcessPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeProfileSingleProcessPrivilege")
             If GUICtrlRead($SeLoadDriverPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeLoadDriverPrivilege")
             If GUICtrlRead($SeLockMemoryPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeLockMemoryPrivilege")
             If GUICtrlRead($SeCreateGlobalPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeCreateGlobalPrivilege")
             If GUICtrlRead($SeChangeNotifyPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeChangeNotifyPrivilege")
             If GUICtrlRead($SeSyncAgentPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeSyncAgentPrivilege")
             If GUICtrlRead($SeSystemEnvironmentPrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeSystemEnvironmentPrivilege")
             If GUICtrlRead($SeSystemProfilePrivilege) = 1 Then FileWriteLine($Writefile, "NTRights -u " & '"' & $User & '"' & " -m " & $CPU & " " & $Priv & " " & "SeSystemProfilePrivilege")
             FileClose($Writefile)
             Return ($File)
         EndFunc   ;==>_CREATEFile
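
The account/machine/right loop asked about in the two NTRights posts above, as an added AutoIt example that is not part of the poster's script: it takes pasted multi-line lists and emits one NTRights line per combination, machines outermost. The function names, the allowlist patterns and the sample input are assumptions; entries containing characters that cmd.exe would interpret are rejected instead of being written into a CMD file that changes privileges.

```autoit
; Added example, not the poster's code. Names and patterns are assumptions.

; Split pasted multi-line text into trimmed, non-empty entries.
; Returns an array with the entry count in element [0].
Func _ParseList($sText)
    Local $aRaw = StringSplit(StringStripCR($sText), @LF, 2) ; 2 = no count element
    Local $aOut[UBound($aRaw) + 1]
    Local $n = 0, $s
    For $i = 0 To UBound($aRaw) - 1
        $s = StringStripWS($aRaw[$i], 3) ; 3 = strip leading and trailing whitespace
        If $s = "" Then ContinueLoop
        $n += 1
        $aOut[$n] = $s
    Next
    $aOut[0] = $n
    ReDim $aOut[$n + 1]
    Return $aOut
EndFunc   ;==>_ParseList

; Keep only entries matching $sPattern; append the others to $sRejected.
Func _Filter($aIn, $sPattern, ByRef $sRejected)
    Local $aOut[$aIn[0] + 1]
    Local $n = 0
    For $i = 1 To $aIn[0]
        If StringRegExp($aIn[$i], $sPattern) Then
            $n += 1
            $aOut[$n] = $aIn[$i]
        Else
            $sRejected &= $aIn[$i] & @CRLF
        EndIf
    Next
    $aOut[0] = $n
    ReDim $aOut[$n + 1]
    Return $aOut
EndFunc   ;==>_Filter

; Build the CMD text: every account and right for machine 1, then machine 2, ...
; $sSwitch is "+r" (grant) or "-r" (remove), as in the original form.
Func _BuildCommands($sAccounts, $sMachines, $sRights, $sSwitch, ByRef $sRejected)
    ; Allowlists (assumed): no quotes, &, |, <, >, ^ or % can reach the CMD file.
    Local Const $ACCOUNT_RE = '^[\w .$@\\-]{1,104}$'
    Local Const $MACHINE_RE = '^[A-Za-z0-9._-]{1,63}$'
    Local Const $RIGHT_RE = '^Se[A-Za-z]+(Right|Privilege)$'
    If $sSwitch <> "+r" And $sSwitch <> "-r" Then Return SetError(1, 0, "")

    Local $aAcc = _Filter(_ParseList($sAccounts), $ACCOUNT_RE, $sRejected)
    Local $aCpu = _Filter(_ParseList($sMachines), $MACHINE_RE, $sRejected)
    Local $aRight = _Filter(_ParseList($sRights), $RIGHT_RE, $sRejected)

    Local $sOut = ""
    For $m = 1 To $aCpu[0]
        For $a = 1 To $aAcc[0]
            For $r = 1 To $aRight[0]
                $sOut &= 'NTRights -u "' & $aAcc[$a] & '" -m ' & $aCpu[$m] & _
                        ' ' & $sSwitch & ' ' & $aRight[$r] & @CRLF
            Next
        Next
    Next
    Return $sOut
EndFunc   ;==>_BuildCommands

; Constructed sample input: two valid accounts and one with cmd metacharacters.
Local $sRejected = ""
Local $sCmd = _BuildCommands( _
        "Account1" & @CRLF & "Account2" & @CRLF & 'Account3" & echo injected', _
        "Machine1" & @CRLF & "Machine2", _
        "SeBatchLogonRight" & @CRLF & "SeNetworkLogonRight", _
        "+r", $sRejected)
ConsoleWrite($sCmd) ; the eight lines from the post's example, in the same order
ConsoleWrite("Rejected:" & @CRLF & $sRejected)
```

The returned text can be written with FileWrite to the CMD file; showing the rejected entries to the operator keeps a mistyped name from being dropped silently.
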
  3. Was anyone able to figure out how to parse a Windows GPO XML file for import into a CSV or Excel file?
  4. I have looked around and have some examples, but trying to make a single interface for them is causing me headaches. I am only looking to have them be able to open the application, have it find and know the domain and structure, then only give them the ability to:

       - Lookup an account
       - Add Delete and change user properties
       - Change password and select change password at next login or do not require it.
       - Move the account to another OU.

     Same with the computer accounts: Reset, Move, add or delete the account. Nothing major but I am too brain dead to get it going. I have VB scripts to manipulate bulk accounts and can get them going with very static settings, but I would really like to make it as automated as possible. Thank you
  5. Does anyone have any good examples of how to use the ADFunctions.au3 to help create a meaningful AD management console? My management wants to supply our untrained service desk personnel with full access to ADUC and all functions for management. I want to avoid that and provide only the functions that they will need to do their job: search, user and computer accounts, rename and edit information, reset passwords and add and delete machine and user accounts. Any help would be appreciated. I know enough on AutoIT to get around, but some of the ADFunctions are really burning my brain cells.
  6. Figured out a way to make it work. Set the RUNAS credentials to read the file on the DFS share and write the entries to a local txt file, do a FileOpen of the local file and then pass the credentials in the script:

         While 1
             $line = FileReadLine($file)
             If @error = -1 Then ExitLoop
             $Map = $line & " " & "/User:DOMAIN\" & GUICtrlRead($UsernameID) & ' ' & GUICtrlRead($ADPassID)

     It reads all the mappings and works like a champ.
  7. They are. When RUNWAIT runs, I have a WHOAMI line in my CMD file to verify that the correct domain credentials are being passed. It shows the drives are mapped correctly, and if I open a Command prompt on the computer of the credentials that were passed, I do a Net Use and see the drives are mapped with a status of Unavailable, but they never show within the non-domain account.
  8. Let's try this (sorry for being so wordy): When the users are logged into the laptops as a local account, once the connection is established they do not have access to the DFS share to read the CMD file. I am running a RUNASSET and passing their valid domain credentials to the DFS share. This allows the users to read the account and the drives are mapped, but they are not showing, as they are being mapped within the profile of the RUNASSET credentials and I am unable to get them to display. How can I map the drives within the current logged-on user account when they are not using a valid domain login? This is the section I am working on.

         ;Send Login credentials to VPN
         Send("{ALTDOWN}u{ALTUP}")
         Send($UserName)
         Send("{TAB}")
         Send($Password)
         Send("{ENTER}")
         ProgressSet(30, "30%")
         ProgressSet(40, "40%")
         Sleep(2000)
         ProgressSet(55, "55%")
         Sleep(10000)
         $VAR = Ping("DOMAINCONTROLLER", 500)
         If $VAR Then
             Run('"C:\Program Files\VPN\VPNGui"')
             ProgressSet(60, "60%")
             RunAsSet(GUICtrlRead($UsernameID), "MYDOMAIN", GUICtrlRead($ADPassID), 0)
             RunWait(@ComSpec & ' /C ' & "\\MYDOMAIN\data\VPNUpdate\VPNMap.cmd", "", @SW_MAXIMIZE)

     The VPN CMD file is using IF INGROUP to find the appropriate shares and I am keeping it on the DFS share for a single management point.
  9. I am trying to complete this VPN script and add drive mappings. I am now STUCK. My experience with AutoIT is a 3 out of 10 and I need to do a shout out for some assistance. What I am trying to accomplish is run our Cisco VPN software with a specific profile that is the same for all clients. Once connected to the concentrator, map the user's shares from a CMD file located on a DFS share on the network based on group associations. The CMD file is using a basic IF INGROUP command. Everything works fine if the user logs into the laptop with a valid domain account; however, many users share systems and don't get proper mappings or log in with a local account. This causes the script to error out and no drives being mapped.

     When the users are logged into the laptops as a local account, once the connection is established they do not have access to the DFS share to read the CMD file. I am running a RUNASSET and passing the domain credentials to the DFS share. This allows the users to read the account and the drives are mapped, but they are not showing, as they are being mapped within the profile of the RUNASSET credentials and I am unable to get them to display. I am also not able to get any type of logging to display from the hidden boxes so the users know what is occurring.

     Any type of assistance is GREATLY appreciated. I think if this can become functional it would be a great addition to any Admin's remote solution. Thanks. Below is the current script as I have it now. As you can see, I have been incorporating as many tools as I can to get this cumbersome script working.

         #Region ;**** Directives created by AutoIt3Wrapper_GUI ****
         #AutoIt3Wrapper_icon=16x16.ico
         #AutoIt3Wrapper_outfile=OFFICEVPN.exe
         #AutoIt3Wrapper_Res_Fileversion=1.5.0.3
         #AutoIt3Wrapper_Res_Icon_Add=Windows.ico
         #AutoIt3Wrapper_Res_Icon_Add=RSA.ico
         #AutoIt3Wrapper_Res_File_Add="TitlebarBig.bmp", logo, Header
         #AutoIt3Wrapper_Run_Tidy=y
         #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
         ;===============================================================================
         ;
         ; Last Modified: 03/25/08
         ;
         ;===============================================================================
         #include "C:\Program Files\AutoIt3\include\file.au3" ; this is required for file functions to work
         #include "C:\Program Files\AutoIt3\include\Process.au3"
         #include "C:\Program Files\AutoIt3\include\GUIConstants.au3" ;this is required for a GUI to work

         ; Check for Internet connection
         $VAR1 = Ping("google.com", 1000)
         If $VAR1 = 0 Then
             $InputBox = GUICreate("No Internet Connection", 250, 100)
             GUISetIcon("16x16.ico")
             GUICtrlCreateLabel("You do not appear to be connected to the Internet", 5, 10)
             GUICtrlCreateLabel("please verify that you have an active connection.", 5, 25)
             GUICtrlCreateLabel("When verified, please try running the VPN again", 5, 40)
             $EXIT = GUICtrlCreateButton("OK", 100, 70, 70, 20, $BS_DEFPUSHBUTTON) ;This causes the application to exit
             GUISetState()
             ; while OK is not pressed, display the GUI
             Do
                 $msg = GUIGetMsg()
                 ; close if X button pressed
                 If $msg = $GUI_EVENT_CLOSE Then
                     Exit
                 EndIf
             Until $msg = $EXIT
             Exit
         EndIf

         #Region ### START Koda GUI section ###
         $Form1 = GUICreate("OFFICE-VPN", 325, 367) ; 303, 171) ;W H L T
         GUISetIcon("16x16.ico")
         GUICtrlCreateLabel("Username", 45, 264, 52, 17)
         GUICtrlCreateLabel("Password", 45, 289, 52, 17)
         GUICtrlCreateLabel("PIN+RSA", 45, 315, 50, 17)
         GUICtrlCreateIcon("Windows.ico", "", 5, 255)
         GUICtrlCreateIcon("Windows.ico", "", 5, 280)
         GUICtrlCreateIcon("RSA.ico", "", 5, 306)
         $UsernameID = GUICtrlCreateInput("", 110, 264, 185, 21)
         $ADPassID = GUICtrlCreateInput("", 110, 289, 185, 21, $ES_PASSWORD)
         $RSAPass = GUICtrlCreateInput("", 110, 315, 185, 21, $ES_PASSWORD)
         GUICtrlCreatePic("TitlebarBig.bmp", 0, 0, 325, 57, BitOR($SS_NOTIFY, $WS_GROUP))
         GUICtrlCreateLabel("WARNING this is a default text BLAH BLAH.", 15, 72, 296, 172)
         $Login = GUICtrlCreateButton("&Login", 128, 340, 75, 25, $BS_DEFPUSHBUTTON)
         GUISetState(@SW_SHOW)
         #EndRegion ### END Koda GUI section ###

         ; Close all open VPN connections if any
         $PID = ProcessExists("vpngui.exe")
         If $PID Then ProcessClose($PID)

         ; while OK is not pressed, display the GUI
         Do
             $msg = GUIGetMsg()
             ; close if X button pressed
             If $msg = $GUI_EVENT_CLOSE Then
                 Exit
             EndIf
         Until $msg = $Login

         ; store username & password
         $UserName = GUICtrlRead($UsernameID)
         $ADPass = GUICtrlRead($ADPassID)
         $Password = GUICtrlRead($RSAPass)
         $Domain = "MYDOMAIN"

         ; hide during processing
         GUISetState(@SW_HIDE, $Form1)

         ; Displaying connection dialog
         ProgressOn("OFFICE-VPN", "VPN Starting", "0%", -1, -1, 16)
         Sleep(500)
         ProgressSet(5, "5%")
         Sleep(500)
         ProgressSet(10, "10%")

         ;------------------------
         ; Connect VPN
         ;------------------------
         ProgressSet(15, "15%")
         ;Sleep(500)
         ProgressSet(20, "20%")

         ; Run VPN client for External location
         Run('"C:\Program Files\VPN\VPNClient" connect OFFICE-VPN nocertpwd', "", @SW_HIDE)

         ; Wait up to 45 seconds for the Application to Start
         If WinWait("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode", 45) == 0 Then
             ProgressOff()
             MsgBox("", "Application Not Started", " VPN not started. login is exiting.")
             Exit (2)
         EndIf
         If Not WinActive("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode") Then WinActivate("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode")
         WinWaitActive("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode")
         ProgressSet(25, "25%")

         ;Send Login credentials to VPN
         Send("{ALTDOWN}u{ALTUP}")
         Send($UserName)
         Send("{TAB}")
         Send($Password)
         Send("{ENTER}")
         ProgressSet(30, "30%")
         ProgressSet(40, "40%")
         Sleep(2000)
         ProgressSet(55, "55%")
         Sleep(10000)
         $VAR = Ping("DOMAINCONTROLLER", 500)
         If $VAR Then
             Run('"C:\Program Files\VPN\VPNGui"')
             ProgressSet(60, "60%")
             RunAsSet(GUICtrlRead($UsernameID), "MYDOMAIN", GUICtrlRead($ADPassID), 0)
             RunWait(@ComSpec & ' /C ' & "\\MYDOMAIN\data\VPNUpdate\VPNMap.cmd", "", @SW_MAXIMIZE)
             ProgressSet(65, "65%")
             RunAsSet()
         Else
             ;Checks for Bad Domain Login Information
             If WinExists("AutoIT Error") Then
                 WinClose("AutoIT Error")
                 ProgressOff()
                 MsgBox(0, "Login Issue!", "Unable to login to the domain to map your drives.")
             EndIf
             ;For $i = 5 to 1 Step -1
             If Not WinActive("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode") Then
                 $i = 1
                 Do
                     $VAR2 = Ping("DOMAINCONTROLLER", 500)
                     If $VAR2 Then
                         Run('"C:\Program Files\VPN\VPNGui"')
                         RunAsSet(GUICtrlRead($UsernameID), "MYDOMAIN", GUICtrlRead($ADPassID), 1)
                         Run("\\MYDOMAIN\data\VPNUpdate\VPNMap.cmd", "", @SW_HIDE)
                         RunAsSet()
                     EndIf
                     $i = $i + 1
                 Until $i = 5
                 ProgressOff()
                 MsgBox(0, "", "Unable to contact VPN, please check your internet connection or password and try again.")
                 Exit
             EndIf
         EndIf
         Sleep(3000)
         ProgressSet(75, "75%")
         Sleep(3000)
         ProgressSet(100, "100%")
         Sleep(1000)
         ProgressOff()

         ;This creates the VPN Disconnect GUI box
         $InputBox = GUICreate("OFFICE-VPN Connected", 205, 90)
         GUISetIcon("16x16.ico")
         GUICtrlCreateLabel("You are now connected to the OFFICE VPN", 5, 10)
         GUICtrlCreateLabel("", 5, 20)
         GUICtrlCreateLabel("When finished please select disconnect.", 5, 30)
         $EXIT = GUICtrlCreateButton("Disconnect", 75, 60, 70, 20, $BS_DEFPUSHBUTTON) ;This causes the application to exit
         GUISetState()
         Sleep(15000)
         GUISetState(@SW_MINIMIZE)

         ; Disconnect all Mapped drives and close the VPN connection
         Do
             $msg = GUIGetMsg()
             ; close if X button pressed
             If $msg = $GUI_EVENT_CLOSE Then
                 Exit
             EndIf
         Until $msg = $EXIT
         Run('net use * /delete /Y', "", @SW_HIDE)
         Run('"C:\Program Files\VPN\VPNClient" disconnect', "", @SW_HIDE)
         WinWaitClose("VPN Client", "button1", 10)
         ProcessClose("vpngui.exe")
         Exit