Active Directory Services/Connecting to Network Shares
Mounting a Drive Manually
- Double-click My Computer
- Click Tools. Click Map Network Drive.
- Choose a drive letter to map in the “Drive:” pull down box.
- In folder, type: \\SERVERNAME.cwru.edu\NETWORKSHARE
- Replace servername with the name of the server; ex: SpicedApple
- Replace networkshare with the name of the network share; ex: Homes
- Note: The .cwru.edu must be used in order to properly authenticate to the server. If the .cwru.edu is omitted, Windows may attempt to use NTLM authentication and fail if logged in with a Kerberos account.
- Note 2: Login scripts from GPOs which mount drives should use the fully qualified hostname as well, especially when laptops will be involved. Omitting it will cause laptops mounting through the Cisco VPN to fail (LAN users and XP built-in VPN users will work correctly, however).
- Click the underlined “Connect using a different user name.”
- In Username, type in INS.CWRU.EDU\CaseUserID
- In Password, type your Case ID network password.
- Note: If INS.CWRU.EDU is omitted, Windows will pass the username as ADS\CaseUserID, which does not exist.
- Click OK and then, finally, Finish. The drive should mount.
Mounting a Drive with VBS Login Scripts
Sample Script
Dim objNet
Set objNet = CreateObject("Wscript.Network")
objNet.MapNetworkDrive "H:", "\\SERVERNAME.cwru.edu\NETWORKSHARE"
WSCript.Quit
Unfortunately, this doesn't work from Windows Vista. To do the same thing in Vista, you can have your login script create a scheduled task which does what you want instead.
So your login script might say...
Sample Script
<job>
<script language="VBScript">
'---------------------------------------------------------
' This sample launches the application as interactive user.
'---------------------------------------------------------
const TriggerTypeRegistration = 7 ' A constant that specifies a registration trigger.
const ActionTypeExecutable = 0 ' A constant that specifies an executable action.
const FlagTaskCreate = 2 ' A constant that specifies the flag in RegisterTaskDefinition.
const LogonTypeInteractive = 3 ' A constant that specifies an interactive logon type.
If WScript.Arguments.Length <> 1 Then
    WScript.Echo "Usage: cscript launchapp.wsf <AppPath>"
    WScript.Quit
End If
strAppPath = WScript.Arguments(0) ' This is the script to run.
'********************************************************
' Is this Vista or XP?
' Begin the section added by Jarvis
'********************************************************
' This section that determines OS version is a modified version of code
' originally posted at the following web page:
' http://blog.eqinox.net/jed/archive/2006/12/05/1270.aspx
'
Dim NotVistaClient
Dim wshShell
Set wshShell = CreateObject("WScript.Shell")
computer = "."
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & computer & "\root\cimv2")
Set objOSList = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
For Each os In objOSList
    BuildNumber = os.BuildNumber
    If BuildNumber < 6000 Then
        NotVistaClient = True
    End If
Next
If NotVistaClient = True Then
    wshShell.Run strAppPath, 0, False ' Run the logon script normally
    WScript.Quit
Else ' Run the logon script using launchapp.wsf
    '********************************************************
    ' The next two lines set a string variable that adds two minutes to the
    ' current date/time to be used to set an endboundary to the scheduled task.
    ' This uses a Function named format that is at the end of the script
    '********************************************************
    strTwoMinutesfromNow = format(now(), "yyyy-mm-dd")
    strTwoMinutesfromNow = strTwoMinutesfromNow & "T" & format(DateAdd("n", 2, time()), "hh:mm:ss")
    '********************************************************
    ' End the section added by Jarvis
    '********************************************************
    '********************************************************
    ' Create the TaskService object.
    '********************************************************
    Set service = CreateObject("Schedule.Service")
    call service.Connect()
    strTaskName = "Launch Logon Script As Interactive User"
    '********************************************************
    ' Get a folder to create a task definition in.
    '********************************************************
    Dim rootFolder
    Set rootFolder = service.GetFolder("\")
    'Delete the task if already present
    On Error Resume Next
    call rootFolder.DeleteTask(strTaskName, 0)
    Err.Clear
    '********************************************************
    ' Create the new task
    '********************************************************
    Dim taskDefinition
    Set taskDefinition = service.NewTask(0)
    '********************************************************
    ' Create a registration trigger.
    '********************************************************
    Dim triggers
    Set triggers = taskDefinition.Triggers
    Dim trigger
    Set trigger = triggers.Create(TriggerTypeRegistration)
    trigger.EndBoundary = strTwoMinutesfromNow
    '***********************************************************
    ' Create the action for the task to execute.
    '***********************************************************
    ' Add an action to the task. The action executes the app.
    Dim Action
    Set Action = taskDefinition.Actions.Create( ActionTypeExecutable )
    Action.Path = strAppPath
    'uncomment the following line if you want the user to know what you're doing
    'WScript.Echo "Task definition created. About to submit the task..."
    '***********************************************************
    ' Register (create) the task.
    '***********************************************************
    call rootFolder.RegisterTaskDefinition(strTaskName, taskDefinition, FlagTaskCreate,,, LogonTypeInteractive)
    'WScript.Echo "Task submitted."
End If
'********************************************************
' Format helper used above (part of the section added by Jarvis).
' This function was attributed to Scott Dixon on the following web page
' http://classicasp.aspfaq.com/date-time-routines-manipulation/can-i-make-vbscript-format-dates-for-me.html
'********************************************************
Function Format(vExpression, sFormat)
    set fmt = CreateObject("MSSTDFMT.StdDataFormat")
    fmt.Format = sFormat
    set rs = CreateObject("ADODB.Recordset")
    rs.Fields.Append "fldExpression", 12 ' adVariant
    rs.Open
    rs.AddNew
    set rs("fldExpression").DataFormat = fmt
    rs("fldExpression").Value = vExpression
    Format = rs("fldExpression").Value
    rs.close: Set rs = Nothing: Set fmt = Nothing
End Function
</script>
</job>
Also, here's a script that can map drives as appropriate, based upon the groups that the person is a member of. It even recurses through all the nested group levels (i.e. in Active Directory a person can belong to a group that's a member of another group, and so on).
Sample Script
Option Explicit
Dim objNetwork, objUser, CurrentUser, objFSO, wshShell, objObject
Dim strGroup, strGroupDN, strGroupDNval, memberof, groupsjoined
Dim dicSeenGroup
'*******define constants at top for ease of editing
Const AcadComputing = "cn=som-do-Acad-Computing"
Const AcadComputingDrive1 = "z:"
Const AcadComputingShare1 = "\\servername.case.edu\wwwroot"
'*******end constants
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objNetwork = CreateObject("WScript.Network")
Set objUser = CreateObject("ADSystemInfo")
'Set CurrentUser = GetObject("LDAP://" & objUser.UserName)
'Set CurrentUser = "CN=nrb5,OU=People,DC=ads,DC=case,DC=edu"
'wscript.echo "objUser.Username = " & objUser.Username
'wscript.echo "Current user = " & objUser.Username
set dicSeenGroup = CreateObject("Scripting.Dictionary")
'DisplayGroups "LDAP://" & CurrentUser, dicSeenGroup
DisplayGroups "LDAP://" & objUser.Username, dicSeenGroup
strGroup = lcase(Join (dicSeenGroup.Keys))
if InStr (strGroup, LCase(AcadComputing)) then
    mapdrive AcadComputingDrive1, AcadComputingShare1
end if
'------ start functions here -------------
Function DisplayGroups ( strObjectADsPath, dicSeenGroup)
    dim colGroups
    set objObject = GetObject(strObjectADsPath)
    ' WScript.Echo "object name = " & objObject.Name
    memberof = objObject.memberof
    ' wscript.echo "memberof data type is: " & vartype(memberof)
    if isEmpty (memberof) then
        exit function
    end if
    if IsArray(memberof) then
        colGroups = memberof
        ' wscript.echo "memberof 1 is :" & memberof(1)
    else
        colGroups = Array( memberof )
    end if
    ' wscript.echo "colgroups =" & colGroups
    ' wscript.echo "colgroups data type =" & vartype (colGroups)
    ' groupsjoined = join ( colgroups )
    ' wscript.echo "groupsjoined = " & groupsjoined
    for each strGroupDNval In colGroups
        ' wscript.echo "strGroupDNval data type is: " & vartype(strGroupDNval)
        ' wscript.echo "strGroupDNval = " & strGroupDNval
        if Not dicSeenGroup.Exists(strGroupDNval) then
            dicSeenGroup.Add strGroupDNval, 1
            ' wscript.echo "strGroupDNval = " & strGroupDNval
            DisplayGroups "LDAP://" & strGroupDNval, dicSeenGroup
        end if
    next
End Function
function mapdrive (DriveLetter, ShareName)
    if objFSO.FolderExists(DriveLetter) then
        objNetwork.RemoveNetworkDrive DriveLetter
    end if
    ' wscript.echo "about to map " & DriveLetter & " to " & ShareName
    objNetwork.MapNetworkDrive DriveLetter, ShareName
end function
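The following is an added example, not part of the original scripts on this page. The group test above uses InStr on the joined list of group DNs, which also succeeds for any group whose name merely begins with the configured one, and Note 2 in the manual-mount section asks login scripts to use fully qualified share names; the helpers below show an exact match on the first RDN and a fully-qualified-name check, run against constructed sample data. The names UncHost, IsQualifiedShare and HasGroup are hypothetical, and the suffix list is an assumption taken from the share names used on this page.

```vbscript
Option Explicit

' Assumption: DNS suffixes taken from the share names used on this page.
Dim AllowedSuffixes : AllowedSuffixes = Array(".cwru.edu", ".case.edu")

' Host part of \\host\share in lower case, or "" when the path is malformed.
Function UncHost(strUnc)
    Dim parts
    UncHost = ""
    If Left(strUnc, 2) <> "\\" Then Exit Function
    parts = Split(Mid(strUnc, 3), "\")
    If UBound(parts) < 1 Then Exit Function
    If Len(parts(0)) > 0 And Len(parts(1)) > 0 Then UncHost = LCase(parts(0))
End Function

' True when the host is fully qualified under one of the allowed suffixes.
Function IsQualifiedShare(strUnc)
    Dim host, suffix
    IsQualifiedShare = False
    host = UncHost(strUnc)
    For Each suffix In AllowedSuffixes
        If Len(host) > Len(suffix) And Right(host, Len(suffix)) = suffix Then
            IsQualifiedShare = True
        End If
    Next
End Function

' True when some DN's first RDN equals strRdn exactly (case-insensitive).
' Assumption: group CNs contain no escaped commas.
Function HasGroup(dicGroups, strRdn)
    Dim dn
    HasGroup = False
    For Each dn In dicGroups.Keys
        If StrComp(Split(dn, ",")(0), strRdn, vbTextCompare) = 0 Then HasGroup = True
    Next
End Function

' Constructed sample data: the user is only in a similarly named group.
Dim dicDemo : Set dicDemo = CreateObject("Scripting.Dictionary")
dicDemo.Add "CN=som-do-Acad-Computing-Web,OU=Groups,DC=ads,DC=case,DC=edu", 1

' Compare the substring test with the exact-RDN test, then check two share paths.
WScript.Echo "InStr match: " & (InStr(LCase(Join(dicDemo.Keys)), "cn=som-do-acad-computing") > 0)
WScript.Echo "Exact match: " & HasGroup(dicDemo, "cn=som-do-Acad-Computing")
WScript.Echo "Short name:  " & IsQualifiedShare("\\servername\wwwroot")
WScript.Echo "FQDN:        " & IsQualifiedShare("\\servername.case.edu\wwwroot")
```

In the script above, the condition could then read `If HasGroup(dicSeenGroup, AcadComputing) And IsQualifiedShare(AcadComputingShare1) Then`. Drive mapping is only a convenience; the share's own permissions remain the access control.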
Mounting a Drive from the Command Prompt
Non-ADS Access
This is a work-around for non-ADS computers needing to access ADS file shares. Remote Desktop can be used to share the local drives of the non-ADS computer, to which files can be copied. By connecting via Remote Desktop to an existing, on-campus ADS computer you will be able to access ADS file shares as usual. This does not allow you to mount any drives, but you will still be able to do direct file copying.
Here are the computer names I will use below:
- HOMECOMPUTER.somewhere.com is the non-ADS computer needing to access ADS file shares (possibly off-campus).
- ADSCOMPUTER.cwru.edu is the ADS computer providing Remote Desktop access.
- SERVER.cwru.edu is some ADS computer with an interesting file share at \\SERVER.cwru.edu\files.
The goal is to copy \\SERVER.cwru.edu\files\file1.txt to HOMECOMPUTER's C:\ drive.
- Enable Remote Desktop on ADSCOMPUTER with proper security controls.
- If HOMECOMPUTER does not run WinXP/2000, go to http://www.microsoft.com/windowsxp/downloads/tools/rdclientdl.mspx . Download the Remote Desktop Client and install it. If HOMECOMPUTER runs WinXP/2000, you already have the Remote Desktop Client.
- If HOMECOMPUTER is not on campus (at this time), it must VPN to CWRU. Use your CWRUnet ID (e.g. abc123) as normal. Install the CWRU VPN Client and run it. https://vpnsetup.case.edu
- On HOMECOMPUTER, click Start, click All Programs, click Accessories, click Communications, and then click Remote Desktop Connection.
- Click Options, type ADSCOMPUTER.cwru.edu into the computer field. Change your username to your CWRUnet ID, and change Domain to INS.CWRU.EDU. You may enter your password now (in the password field) or when you connect; it's up to you.
- Click the Display Tab. Change "Remote computer sound" to "Leave at remote computer". Change "Local Devices" so that Disk drives is checked and Printers is unchecked.
- Click the Experience Tab. Change the drop down list to LAN or Broadband, as appropriate.
- Click the General Tab. Click Save As... and name the file ADSCOMPUTER.rdp, so that you don't have to repeat these steps later.
- Click Connect. Enter your password if necessary. Remember to make sure you change Domain to INS.CWRU.EDU if it didn't work automatically.
Now you are able to run programs and copy files on ADSCOMPUTER, but most importantly you can connect to \\SERVER.cwru.edu\files as indicated in the earlier set of instructions on this page. Open My Computer and copy files to the HOMECOMPUTER drives, which are listed after all other drives on ADSCOMPUTER.
- Connect to \\SERVER.cwru.edu\files
- Select the relevant files/directories. I don't recommend drag-and-drop because some of these steps will be rather slow if you're using VPN.
- Right click, choose Copy (or hit Ctrl-C)
- Open My Computer, browse to the correct remote drive (the drive letters will vary)
- Right click, choose Paste (or hit Ctrl-V).
If you choose "Disconnect" under the start menu on the remote computer, you will remain logged in there and your programs will continue running. If you choose "Log off" under the start menu then your programs will be terminated. I suggest that you always log off so that other people can use ADSCOMPUTER.
This solution is also applicable to computers at CWRU which are intentionally not on ADS. Good reasons for this include: not everyone is ready for ADS yet because of the time required to join and maintain ADS. Some departments have their own independent ADS forest with no trust relationship. Some computers don't need to be on ADS to do their primary function (e.g. running proprietary lab equipment) because access is controlled mostly by being in a physically protected location. In all of these cases, access to ADS file shares may make sense on a temporary basis.
Off-campus but ADS-enabled Access
As a separate issue, what if the HOMECOMPUTER is actually joined to ADS but not on-campus at the moment? This would be the case for laptops which users take home after work hours. The above configuration will work but it is suboptimal because HOMECOMPUTER can actually map the network drives directly without using Remote Desktop to ADSCOMPUTER. This is accomplished by running the VPN client when Windows starts, before the user logs into Windows on HOMECOMPUTER. The user logs in to ADS normally, and then HOMECOMPUTER is on ADS and can directly map \\SERVER.cwru.edu\files. Details soon.
