Map drives based on user’s AD group membership using IFMEMBER
Login scripts are very handy – but when it comes to mapping drives (or processing other commands) based on the users active directory group membership – it can be a bit of a pain.
Thats where Ifmember.exe (part of the Windows Server 2003 Resource Kit) comes in.
You can get this to work for you in one of two ways. The first is to have it call it from within your login script and then evaluate the errorlevel (Errorlevel 1 if they are a member or 0 if not) – which is multiline and not very tidy. The other option is to use conditional execution (executes additional commands depending on which errorlevel the command returns).
Perhaps the best way to explain this is through a few examples:
ifmember Finance || net use f: \\server\finance
Assuming that the current user *is* a member of the ‘Finance’ group – it will map drive F. Similarly, you can use && instead to process commands if the user is *NOT* a member of Finance:
ifmember Finance && net use f: \\server\someothershare
Of course, these examples both assume that ifmember.exe is in the local machines search path (or it’s being called from the same directory as the script). Another option is that you could call it through a UNC path:
\\server\tools\ifmember.exe Finance || net use f: \\server\finance
Which works quite well!
You can obtain ifmember.exe either as part of the Windows 2003 Server Resource Kit Tools from Microsoft here (which is well worth doing!):
Or you can get just the file itself from:
Did you find this hint useful? Are you looking to learn more? Well, here’s a few books that I’ve found useful – have a goosie!
 Active Directory for Dummies |
 Microsoft Windows Shell Script Programming |
 Microsoft Windows Script Host |
 Mastering Windows Server 2003 |
This solved me problem. Tnx.