A poor man's "AD" scripting using kixtart in NT4

One member uses a simple kixtart mechanism to create (NT)"active" groups, combining access permissions and scripting.

A very simple kixtart mechanism allows you to create (NT)"active" groups, combining access permissions and scripting....

The engine script resides in netlogon, the scripts called for group membership are stored elsewhere, allowing script admins do their job without the need for write access to netlogon.

process group scripting, generic trick
part of script stored in netlogon share
rtscript points to read-only connected disk
enumerate the groups that user is member of
and check if is there is a script with that name
the 100 test is just a safeguard to avoid endless loops

$rtscript="r:scripts"
$groupcount=0
$group=enumgroup($groupcount)
while $group and $groupcount < 100

$script=$rtscript + "groups" + $group
gosub doscript
$groupcount=$groupcount + 1
$group=enumgroup($groupcount)
loop

append .txt to create the name of the script for easy editing
:doscript
$script=$script + ".txt"
if exist($script)
call $script
endif
return


This was last published in August 2001

Dig Deeper on Microsoft Active Directory Scripting

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close