Cisco VPN with Drive Mappings


I am trying to complete this VPN script and add drive mappings. I am now STUCK.

My experience with AutoIT is a 3 out of 10 and I need to do a shout out for some assistance.

What I am trying to accomplish is run our Cisco VPN software with a specific profile that is the same for all clients. Once connected to the concentrator, map the users' shares from a CMD file located on a DFS share on the network based on group associations.

The CMD file is using a basic IF INGROUP command.

Everything works fine if the user logs into the laptop with a valid Domain account, however many users share systems and don't get proper mappings or log in with a local account. This causes the script to error out and no drives being mapped.

When the users are logged into the laptops as a local account, once the connection is established they do not have access to the DFS share to read the CMD file. I am running a RUNASSET and passing the domain credentials to the DFS share. This allows the users to read the account and the drives are mapped, but they are not showing as they are being mapped within the profile of the RUNASSET credentials and I am unable to get them to display.

I am also not able to get any type of logging to display from the hidden boxes so the users know what is occurring. Any type of assistance is GREATLY appreciated. I think if this can become functional it would be a great addition to any Admin's remote solution. Thanks.

Below is the current script as I have it now. As you can see I have been incorporating as many tools as I can to get this cumbersome script working.

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_icon=16x16.ico
#AutoIt3Wrapper_outfile=OFFICEVPN.exe
#AutoIt3Wrapper_Res_Fileversion=1.5.0.3
#AutoIt3Wrapper_Res_Icon_Add=Windows.ico
#AutoIt3Wrapper_Res_Icon_Add=RSA.ico
#AutoIt3Wrapper_Res_File_Add="TitlebarBig.bmp", logo, Header
#AutoIt3Wrapper_Run_Tidy=y
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
;===============================================================================
;
; Last Modified: 03/25/08
;
;===============================================================================
#include "C:\Program Files\AutoIt3\include\file.au3" ; this is required for file functions to work
#include "C:\Program Files\AutoIt3\include\Process.au3"
#include "C:\Program Files\AutoIt3\include\GUIConstants.au3" ;this is required for a GUI to work

; Check for Internet connection
$VAR1 = Ping("google.com", 1000)
If $VAR1 = 0 Then
    $InputBox = GUICreate("No Internet Connection", 250, 100)
    GUISetIcon("16x16.ico")
    GUICtrlCreateLabel("You do not appear to be connected to the Internet", 5, 10)
    GUICtrlCreateLabel("please verify that you have an active connection.", 5, 25)
    GUICtrlCreateLabel("When verified, please try running the VPN again", 5, 40)
    $EXIT = GUICtrlCreateButton("OK", 100, 70, 70, 20, $BS_DEFPUSHBUTTON) ;This causes the application to exit
    GUISetState()

    ; while OK is not pressed, display the GUI
    Do
        $msg = GUIGetMsg()
        ; close if X button pressed
        If $msg = $GUI_EVENT_CLOSE Then
            Exit
        EndIf
    Until $msg = $EXIT
    Exit
EndIf

#Region ### START Koda GUI section ###
$Form1 = GUICreate("OFFICE-VPN", 325, 367) ; 303, 171) ;W H L T
GUISetIcon("16x16.ico")
GUICtrlCreateLabel("Username", 45, 264, 52, 17)
GUICtrlCreateLabel("Password", 45, 289, 52, 17)
GUICtrlCreateLabel("PIN+RSA", 45, 315, 50, 17)
GUICtrlCreateIcon("Windows.ico", "", 5, 255)
GUICtrlCreateIcon("Windows.ico", "", 5, 280)
GUICtrlCreateIcon("RSA.ico", "", 5, 306)
$UsernameID = GUICtrlCreateInput("", 110, 264, 185, 21)
$ADPassID = GUICtrlCreateInput("", 110, 289, 185, 21, $ES_PASSWORD)
$RSAPass = GUICtrlCreateInput("", 110, 315, 185, 21, $ES_PASSWORD)
GUICtrlCreatePic("TitlebarBig.bmp", 0, 0, 325, 57, BitOR($SS_NOTIFY, $WS_GROUP))
GUICtrlCreateLabel("WARNING this is a default text BLAH BLAH.", 15, 72, 296, 172)
$Login = GUICtrlCreateButton("&Login", 128, 340, 75, 25, $BS_DEFPUSHBUTTON)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###

; Close all open VPN connections if any
$PID = ProcessExists("vpngui.exe")
If $PID Then ProcessClose($PID)

; while Login is not pressed, display the GUI
Do
    $msg = GUIGetMsg()
    ; close if X button pressed
    If $msg = $GUI_EVENT_CLOSE Then
        Exit
    EndIf
Until $msg = $Login

; store username & password
$UserName = GUICtrlRead($UsernameID)
$ADPass = GUICtrlRead($ADPassID)
$Password = GUICtrlRead($RSAPass)
$Domain = "MYDOMAIN"

; hide during processing
GUISetState(@SW_HIDE, $Form1)

; Displaying connection dialog
ProgressOn("OFFICE-VPN", "VPN Starting", "0%", -1, -1, 16)
Sleep(500)
ProgressSet(5, "5%")
Sleep(500)
ProgressSet(10, "10%")

;------------------------
; Connect VPN
;------------------------
ProgressSet(15, "15%")
;Sleep(500)
ProgressSet(20, "20%")

; Run VPN client for External location
Run('"C:\Program Files\VPN\VPNClient" connect OFFICE-VPN nocertpwd', "", @SW_HIDE)

; Wait up to 45 seconds for the Application to Start
If WinWait("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode", 45) == 0 Then
    ProgressOff()
    MsgBox(0, "Application Not Started", " VPN not started. login is exiting.")
    Exit (2)
EndIf

If Not WinActive("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode") Then WinActivate("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode")
WinWaitActive("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode")
ProgressSet(25, "25%")

;Send Login credentials to VPN
Send("{ALTDOWN}u{ALTUP}")
Send($UserName)
Send("{TAB}")
Send($Password)
Send("{ENTER}")

ProgressSet(30, "30%")
ProgressSet(40, "40%")
Sleep(2000)
ProgressSet(55, "55%")
Sleep(10000)

$VAR = Ping("DOMAINCONTROLLER", 500)
If $VAR Then
    Run('"C:\Program Files\VPN\VPNGui"')
    ProgressSet(60, "60%")
    RunAsSet(GUICtrlRead($UsernameID), "MYDOMAIN", GUICtrlRead($ADPassID), 0)
    RunWait(@ComSpec & ' /C ' & "\\MYDOMAIN\data\VPNUpdate\VPNMap.cmd", "", @SW_MAXIMIZE)
    ProgressSet(65, "65%")
    RunAsSet()
Else
    ;Checks for Bad Domain Login Information
    If WinExists("AutoIT Error") Then
        WinClose("AutoIT Error")
        ProgressOff()
        MsgBox(0, "Login Issue!", "Unable to login to the domain to map your drives.")
    EndIf

    ;For $i = 5 to 1 Step -1
    If Not WinActive("VPN Client | User Authentication for ""OFFICE-VPN""", "passcode") Then
        $i = 1
        Do
            $VAR2 = Ping("DOMAINCONTROLLER", 500)
            If $VAR2 Then
                Run('"C:\Program Files\VPN\VPNGui"')
                RunAsSet(GUICtrlRead($UsernameID), "MYDOMAIN", GUICtrlRead($ADPassID), 1)
                Run("\\MYDOMAIN\data\VPNUpdate\VPNMap.cmd", "", @SW_HIDE)
                RunAsSet()
                ExitLoop ; stop retrying once the domain controller answers
            EndIf
            $i = $i + 1
        Until $i = 5

        ; report failure only if no retry reached the domain controller
        If Not $VAR2 Then
            ProgressOff()
            MsgBox(0, "", "Unable to contact VPN, please check your internet connection or password and try again.")
            Exit
        EndIf
    EndIf
EndIf

Sleep(3000)
ProgressSet(75, "75%")
Sleep(3000)
ProgressSet(100, "100%")
Sleep(1000)
ProgressOff()

;This creates the VPN Disconnect GUI box
$InputBox = GUICreate("OFFICE-VPN Connected", 205, 90)
GUISetIcon("16x16.ico")
GUICtrlCreateLabel("You are now connected to the OFFICE VPN", 5, 10)
GUICtrlCreateLabel("", 5, 20)
GUICtrlCreateLabel("When finished please select disconnect.", 5, 30)
$EXIT = GUICtrlCreateButton("Disconnect", 75, 60, 70, 20, $BS_DEFPUSHBUTTON) ;This causes the application to exit
GUISetState()
Sleep(15000)
GUISetState(@SW_MINIMIZE)

; Disconnect all Mapped drives and close the VPN connection
Do
    $msg = GUIGetMsg()
    ; close if X button pressed
    If $msg = $GUI_EVENT_CLOSE Then
        Exit
    EndIf
Until $msg = $EXIT

Run('net use * /delete /Y', "", @SW_HIDE)
Run('"C:\Program Files\VPN\VPNClient" disconnect', "", @SW_HIDE)
WinWaitClose("VPN Client", "button1", 10)
ProcessClose("vpngui.exe")
Exit

Link to comment
Share on other sites

Hi,

I guess this is too much information. Can you break your problems down to little ones?

Mega

Link to comment
Share on other sites

Hi.

..and after you have broken down that long posting to a small piece of code and ONE question, pls put your code between an [autoit] on top and [/autoit] at the end of your code to make it easily readable (syntax highlighting)

:) welcome :)

Regards, Rudi.

Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Link to comment
Share on other sites

Let's try this; sorry for being so wordy:

When the users are logged into the laptops as a local account, once the connection is established they do not have access to the DFS share to read the CMD file. I am running a RUNASSET and passing their valid domain credentials to the DFS share. This allows the users to read the account and the drives are mapped, but they are not showing as they are being mapped within the profile of the RUNASSET credentials and I am unable to get them to display.

How can I map the drives within the current logged on user account when they are not using a valid domain login?

This is the section I am working on.

;Send Login credentials to VPN
Send("{ALTDOWN}u{ALTUP}")
Send($UserName)
Send("{TAB}")
Send($Password)
Send("{ENTER}")

ProgressSet(30, "30%")
ProgressSet(40, "40%")

Sleep(2000)
ProgressSet(55, "55%")


Sleep(10000)
$VAR = Ping("DOMAINCONTROLLER", 500)
If $VAR Then
Run('"C:\Program Files\VPN\VPNGui"')
ProgressSet(60, "60%")
RunAsSet(GUICtrlRead($UsernameID), "MYDOMAIN", GUICtrlRead($ADPassID), 0)
RunWait(@ComSpec & ' /C ' & "\\MYDOMAIN\data\VPNUpdate\VPNMap.cmd", "", @SW_MAXIMIZE)

The VPN CMD file is using IF INGROUP to find the appropriate shares and I am keeping it on the DFS share for a single management point.

Link to comment
Share on other sites

They are. When RUNWAIT runs, I have a WHOAMI line in my CMD file to verify that the correct domain credentials are being passed. It shows the drives are mapped correctly and if I open a Command prompt on the computer of the credentials that were passed, I do a Net Use and see the drives are mapped with a status of Unavailable but they never show within the non domain account.

Link to comment
Share on other sites

Figured out a way to make it work.

Set the RUNAS credentials to read the file on the DFS share and write the entries to a local txt file, do a Fileopen of the local file and then pass the credentials in the script:

While 1
    $line = FileReadLine($file)
    If @error = -1 Then ExitLoop
    $Map = $line & " " & "/User:DOMAIN\" & GUICtrlRead($UsernameID) & ' ' & GUICtrlRead($ADPassID)
    ; the post does not show the step that runs $Map
WEnd

It reads all the mappings and works like a champ.

Link to comment
Share on other sites
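
A variant of the approach in the last post, as an added example that is not code from the thread: the line built there ends with the AD password as a command-line argument, where process listings and command-line auditing can record it. AutoIt's built-in DriveMapAdd takes the credentials as parameters and maps in the logged-on user's own session. The function name, its parameters and the "net use X: \\server\share" line format are assumptions.

```autoit
; Added example (hypothetical helper, not from the thread).
; Assumes every line of the local file is "net use <letter>: \\server\share".
Func _MapDrivesFromFile($sMapFile, $sDomain, $sUser, $sPass)
    Local $hFile = FileOpen($sMapFile, 0) ; 0 = read mode
    If $hFile = -1 Then Return SetError(1, 0, 0)

    Local $iMapped = 0, $iFailed = 0
    Local $sLine, $aM, $iOk, $iErr
    While 1
        $sLine = FileReadLine($hFile)
        If @error Then ExitLoop ; end of file or read error

        ; Accept only a drive letter and a UNC path. Lines carrying extra
        ; switches or shell metacharacters are skipped, never executed.
        $aM = StringRegExp($sLine, '(?i)^\s*net\s+use\s+([a-z]:)\s+(\\\\[^\s"&|<>^%]+)\s*$', 1)
        If @error Then ContinueLoop

        ; No cmd.exe or net.exe is started, so the password never appears
        ; on a command line.
        $iOk = DriveMapAdd($aM[0], $aM[1], 0, $sDomain & "\" & $sUser, $sPass)
        $iErr = @error
        If $iOk Then
            $iMapped += 1
        Else
            ; DriveMapAdd @error: 2 = access denied, 3 = device already
            ; assigned, 6 = invalid password
            $iFailed += 1
            ConsoleWrite("Mapping " & $aM[0] & " failed, @error=" & $iErr & @CRLF)
        EndIf
    WEnd
    FileClose($hFile)

    ; Return value = drives mapped, @extended = drives that failed
    Return SetExtended($iFailed, $iMapped)
EndFunc   ;==>_MapDrivesFromFile

; Usage with the thread's GUI controls (the local file path is constructed):
; $iCount = _MapDrivesFromFile(@TempDir & "\VPNMap.txt", "MYDOMAIN", _
;         GUICtrlRead($UsernameID), GUICtrlRead($ADPassID))
```

The local mappings file should be deleted once the drives are mapped, since it is written outside the DFS share's access controls.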
