PeterAtkin

Domain Logon Script

3 posts in this topic

#1 ·  Posted (edited)

I decided to learn autoscript because.... To make my life easier, so through the months that I've been leeching from these forums without any remorse I thought it's time that I try and put some stuff back.

I run an IT company in Uganda (Africa), Computer Facilities, so these scripts are more functional than anything else. They're well tested for use with XP, Vista and Windows 7 and so far have not given me any issues. That being said, I'm no expert, and if anyone wants to tidy these up and make useful suggestions I'm more than happy.

Some of the scripts that I have done are Windows Vista 7 OEM editor (aimed at institutions like mine who do a lot of basic setups) , Auto silent install for various programmes (for use in clean install / basic setup a real time and manpower saver), AD logon script, some security related scripts that I'm still working on, will post as and when..

I'm not very good at documenting but any sensible questions I am very happy to answer.

Main points of this script (domain logon) are:

- Most customisation can be easily done from the logon script with the [settings] section.

- Will display .bmp (splash), automatically centre picture no size limitation, just make sure it can fit on the screen, useful for basic client customisation.

- Fully configurable .ini file where most common settings can be edited without the need for programming knowledge, similar syntax as you would use in a batch file.

- Group centric, add shares and printers on an AD group basis

- User centric, add shares and printers on an AD user basis

- Basic cleanup of PC when script starts, temp files, IE cache, recycle bins

- RDP, ncomputing session aware

- Excellent diagnostics and information pages as well as all errors being reported to the event logs under applications

- Can map non-Windows device shares in Vista or Windows 7, e.g. uses IP instead of UNC names (Problem/Bug with Vista and Windows 7)

- Welcome can be verbal (just a bit of fun)

- Easy to deploy on almost any size AD network.

- Will run on XP, Vista and Windows 7 32bit Client OS, but not on Server OS's (deliberately)

- Designed for use with Windows 2003/8 (R2 included) servers, may run on 2000 but have not tested.

- Test for known malware or unwanted running process, again all read from a separate .ini file

- Will recreate the basic .ini and .bmp files required should they not be present in the script directory.

The script is group and user centric, which means that printers and shares are done at the group and user level.

This file is the vars.ini file that I use; it's the basic config file that the main script uses.

vars.ini

[Computer Facilities]

url = www.computer-facilities.com

e-mail = support@computer-facilities.com

tel = 0414-533784

[Group Printers]

; Group = Printer \\host\printer share name

Domain Users = \\dc-pri-cfu\hp4250n

Core = \\dc-pri-cfu\hp4700n

[Domain Users]

p: = \\NSA-Core\Public

[core]

; drive and share in this format x: = \\host\share

x: = \\NSA-Core\core

q: = \\NSA-Core\quickbooks

t: = \\NSA-Core\clients

u: = \\NSA-Core\suppliers

n: = \\NSA-Core\localcoms

[engineers]

s: = \\NSA-Core\source

w: = \\NSA-Core\quotewerks

[Domain Admins]

s: = \\NSA-Core\source

r: = \\dc-pri-cfu\Remote Installs

[peter]

k: = \\temp\download

j: = \\temp\work

m: = \\temp\music

[Groups]

; as default a global group is used that should have all users that are allowed to use this script in.

; the default group name is the 'Domain Users' this group will also need to be added within this as per groups below.

1 = Domain Users

2 = core

3 = Domain Admins

4 = Engineers

5 = quoteworks

[settings]

; Verbal welcome but is switched off when in 'RDP' or 'nComputing' session

voice_welcome = Yes

homebase = \\NSA-Core\user

homebase_drive = h:

homebase_post =

tempfile_clean = Yes

IE_clean = Yes

empty_bins = Yes

Company = Computer Facilities

Splash = No

Diags = 0

post_msg = e-mail support@computer-facilities.com or call 0414-533784

detect_processes = Yes

Script needs to be compiled and then run from the netlogon directory on the server with the vars.ini file in the same directory.

malware.ini

[Malware]

$sys$DRMServer.exe = XCP DRM

afinding.exe = AdClientDl A

AntiVirGear 3.8.exe = AntiVirGear

antvrs.exe = Win32/SillyDl.EMX

AUTOUPDATE.EXE = AproposMedia

av2009.exe = Spyware Antivirus 2009

B2BUpdate.exe = B2BUpdate

bargains.exe = Bargain Buddy

BLOCK-CHECKER.EXE = BLOCK-CHECKER

BO1HEL~1.EXE = Butterfly Oasis Screensav...

CDProxyServ.exe = XCP.Sony.Rootkit

cmesys.exe = GAIN / Gator

cool.exe = cool.exe

cproc.exe = cproc.exe

crss.exe = Part of W32.AGOBOT.GH Crss.exe is a process forming part of the W32.AGOBOT.GH worm

ctfmon.exe = ctfmon.exe - threat

CXTPLS.EXE = AproposMedia

DateManager.exe = Gator adware

DC6cw.exe = DC6cw

dcmon.exe = SystemDoctor 2006 Free

dcsm.exe = DriveCleaner

desktop.exe = Desktop Search

dllhost.exe = Possible Virus

DNSE.exe = DriveCleaner Free

DSSAGENT.EXE = Broderbund DSSagent

flashget.exe = FlashGet

FreezeScreenSaver.exe = FreezeScreenSaver

gamevance32.exe = Gamevance

icmntr.exe = Zlob Trojan

Icon.exe = icon.exe

istsvc.exe = IST adware/hijacker

lsasss.exe = W32/Sasser.E Worm

lssas.exe = Optix.Pro trojan

m3IMPipe.exe = MyWebSearch

mrofinu1188.exe = VirusprotectPro

mrofinu572.exe = Trojan-Downloader.Win32.A...

msasvc.exe = Microsoft authenticate se...

msnmsgr.exe = Win32.Agobot.AGM

nvcpl.exe = Part of W32.SpyBot.S Worm Nvcpl.exe is a process which is registered as the W32.SpyBot.S

qttask.exe = Win32.Drugtob

rlvknlg.exe = Relevant Knowedge

scvhost.exe = Part of W32/Agobot-S virus The scvhost.exe file is a component of the W32/Agobot-S virus

SearchSettings.exe = Search Settings

slsk.exe = soulseek

soproc.exe = soproc

Srv.exe = Zango Search Assistant

StillMnt.exe = StillMnt.exe

stm.exe = PCPrivacy Tool (CA)

stopthepop.exe = stopthepop

spooldr.sys = The Trojan.Packed.13 is a malicious process that is distributed through Glossary Link spam known as Peacomm.

strpmon.exe = SafePCTool (CA)

svdhost.exe = Win32/Lioten.GG

svehost.exe = WORM_SPYBOT.H

svhost.exe = Part of W32.Mydoom.I@mm Svhost.exe is a process which is associated with the W32.Mydoom.I@mm worm

svrse.exe = W32/IRCbot.gen.a!a38744c9...

Sync.exe = WhenU ClockSync

tbon.exe = Best Offers

TSADBOT.EXE = Conducent

udcpas.exe = DriveCleaner

udcsdr.exe = DriveCleaner

USS.exe = USS.exe Trojan

VistaDrive.exe = VistaDrive

WeatherStudio Desktop.exe = WeatherStudio Desktop

webbuying.exe = Web Buying

webrebates.exe = Win32.Agent.bf

wfxcwr.exe = WinFixer

wfxqhv.exe = wfxqhv.exe

whagent.exe = Webhancer

whse.exe = WhenUsearch Bar

whSurvey.exe = WebHancer

winable.exe = TROJ_AGENT.AAWZ

WinAV.exe = Win32/WinSoftware.WinAnti...

windupd.exe = Downloader.Bancos!gen

WinForm.exe = Adware, WinForm.exe and WinFormKeep.exe run together

WinFormKeep.exe = Adware, WinForm.exe and WinFormKeep.exe run together

winlog.exe = W32/Agobot-LF

winsys2.exe = winsys2

wserving.exe = AdClientDl A

WSup.exe = HuntBar

WToolsA.exe = HuntBar

WToolsS.exe = HuntBar

Xhrmy.exe = LinkTracker spyware

xpupdate.exe = xpupdate.exe

xpuupdate.exe = Oneraw BN

zango.exe = Zango / 180Search

ZangoSA.exe = Zango Search Assistant

ZbSrv.exe = Zango

If you want to use AutoIt non-compiled running on a Windows server platform then see "Use AutoIT as a Windows Login Script"; this will point you in the right direction.

ToDo..

- Tidy up script (always present)

- A better way to do the Progress bar :Ver. 1.1.0.17

- Better Error control for drives / hosts that are not present :Ver. 1.0.0.10

- Redo .ini file parameters to give more flexibility : Ver. 1.1.0.16

- Redo the .ini file arrays so arrays are read into memory first then referenced from memory not the .ini file. :Ver. 2.0.0.0

- Redo network printer function to allow more than one printer per AD group :Ver. 2.0.0.0

- Add facility to delete all printers (not as easy as it sounds)

- detect if computer and/or user is newly joined to the domain

- Add internal e-mail support for error messages

- Add log files to replace diags mode. : Ver. 2.0.0.2

- silent install of main applications if not present on client system (already done as a separate app, now need to integrate it)

Dependencies and Versions:

- Logon V2 :This is a rewrite where most of the .ini file read routines were redone to allow them to be run from memory instead of disk, increased speed of the logon script tremendously.

- Autoit 3.3.6.1: http://www.autoitscript.com/autoit3/downloads.shtml

External UDF's Required

- AD .40: http://www.autoitscript.com/forum/index.php?showtopic=106163

- Log 1.0: http://www.autoitscript.com/forum/index.php?showtopic=119032

Must Reads

- Vista Windows 7 none issues when mapping to non-Windows storage devices, you will need to edit your GPO?

http://social.technet.microsoft.com/Foru...ead/4606ad12-1f23-4231-8597-8e515422d57d

Version 2.0.0.2 (18 Sept 2010)

Put the below files in a directory named [files] you will also need the above .ini files put into the same before compiling.

logon.au3

cfu_logo.bmp

favicon.ico

Fully compiled version for those that want it...

logon.exe

Accreditations and References:

- Drive mapping: http://www.autoitscript.com/forum/index....ic=110567&st=0&gopid=776497&#entry776497

- User Profile Type: http://www.autoitscript.com/forum/index.php?showtopic=113711

- Splash Screen: http://www.autoitscript.com/forum/index.php?showtopic=115441

- IP Stuff: http://www.autoitscript.com/forum/index....l=IP%20gateway&fromsearch=1&#entry625302

- IP Stuff: http://www.autoitscript.com/forum/index....ic=109887&st=0&gopid=772563&#entry772563

- IP Stuff: http://msdn.microsoft.com/en-us/library/aa394217(VS.85).aspx

- Malware Scanner: http://www.autoitscript.com/forum/index.....ic=87144&st=0&gopid=827573&#entry827573

- Generic Array: http://www.autoitscript.com/forum/index....ic=119057&st=0&gopid=827940&#entry827940

Normal Terms of usage just make sure that if you use my code/script to credit me and others that are relevant! Keeps me amused and makes me feel wanted..

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]
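
An added example (Python, not the logon script's AutoIt code) of the process check driven by malware.ini, extended to compare the image path for listed names that are also genuine Windows binaries, such as ctfmon.exe and dllhost.exe, since a name-only match flags those on every client. The known-good directory table, the function names and the process snapshot are assumptions constructed for the example.

```python
import configparser
import ntpath

# Constructed excerpt in the malware.ini format shown above (process = label).
MALWARE_INI = """\
[Malware]
ctfmon.exe = ctfmon.exe - threat
dllhost.exe = Possible Virus
scvhost.exe = Part of W32/Agobot-S virus
zango.exe = Zango / 180Search
"""

# Assumption: listed names that are also genuine Windows binaries, mapped to
# the directory the genuine copy runs from on a 32-bit client.
KNOWN_GOOD_DIRS = {
    "ctfmon.exe": r"c:\windows\system32",
    "dllhost.exe": r"c:\windows\system32",
}

# Constructed process snapshot: (pid, full image path).
SAMPLE_PROCESSES = [
    (412, r"C:\Windows\System32\ctfmon.exe"),
    (900, r"C:\Users\bob\AppData\Roaming\dllhost.exe"),
    (1204, r"C:\Windows\scvhost.exe"),
    (1500, r"C:\Windows\explorer.exe"),
]

def load_blocklist(text):
    """Parse [Malware] into {process name: label}; configparser lowercases keys."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    parser.read_string(text)
    return dict(parser["Malware"])

def scan(processes, blocklist, known_good=KNOWN_GOOD_DIRS):
    """Return (pid, name, label, verdict) for every running process on the list."""
    findings = []
    for pid, path in processes:
        name = ntpath.basename(path).lower()
        if name not in blocklist:
            continue
        folder = ntpath.dirname(path).lower()
        if known_good.get(name) == folder:
            verdict = "expected-location"    # name matched, path is the genuine one
        elif name in known_good:
            verdict = "masquerade-suspect"   # genuine name, unexpected directory
        else:
            verdict = "listed"               # name has no legitimate counterpart here
        findings.append((pid, name, blocklist[name], verdict))
    return findings
```

Only the `listed` and `masquerade-suspect` verdicts are worth writing to the event log; `expected-location` hits are the false positives a name-only check would raise.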




Just had a quick look at the AD stuff.

You do _AD_Open (line 64) and _AD_Close (line 97) and then you call _ifmember (line 98) that itself does _AD_Open and _AD_close again. Move line 98 before line 97 and remove _AD_Open and _AD_Close from function _ifmember. Gives a bit more speed.

Line 73: cannot use 'domain users' ... That's true you can't check membership for this group as this is the primary group for a user and always empty. You can check the primary groups like this:

_AD_IsMemberOf("domain users", @UserName, True)
This checks if the user is a member of the specified group. If this returns false then the primary group of the user is checked.

make sure your usergroups do not have groups within as they seem not to be read ... In this case you have to do recursive checking of membership. Use _AD_RecursiveGetMemberOf instead.


My UDFs and Tutorials:


UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki
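
A model of the two lookups the reply above distinguishes, as an added example in Python rather than the AD UDF's own code: a direct-only membership check versus one that follows nested groups and includes the primary group, applied to the [Groups] list from vars.ini. The directory data, the `staff` group and the function names are constructed for illustration.

```python
# Constructed directory data. Group names come from the vars.ini above; the
# nesting, the "staff" group and the user's memberships are hypothetical.
MEMBER_OF = {                      # object -> groups it is a direct member of
    "peter": ["engineers"],
    "engineers": ["core"],         # a group nested inside another group
    "core": ["staff"],
    "staff": ["core"],             # deliberate cycle to exercise the visited check
}
PRIMARY_GROUP = {"peter": "Domain Users"}   # held apart from direct memberships

# The [Groups] section of vars.ini as posted.
CONFIGURED = ["Domain Users", "core", "Domain Admins", "Engineers", "quoteworks"]

def effective_groups(user, include_primary=True, recursive=True, max_depth=10):
    """Return the lowercased set of groups the user belongs to."""
    found = set()
    frontier = [(g.lower(), 1) for g in MEMBER_OF.get(user, [])]
    while frontier:
        group, depth = frontier.pop()
        if group in found:
            continue               # already visited, so cycles terminate
        found.add(group)
        if recursive and depth < max_depth:
            frontier += [(g.lower(), depth + 1) for g in MEMBER_OF.get(group, [])]
    if include_primary and user in PRIMARY_GROUP:
        found.add(PRIMARY_GROUP[user].lower())
    return found

def sections_to_apply(user, **options):
    """Configured groups whose share/printer sections apply, in file order."""
    groups = effective_groups(user, **options)
    return [name for name in CONFIGURED if name.lower() in groups]
```

With the direct-only check the constructed user gets the Engineers section alone; the recursive check with the primary group included also yields Domain Users and core, so the choice of lookup decides which shares a user is given.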

 


#3 ·  Posted (edited)

Wow thanks for the info very useful..

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]
