Contributor
kcorace
Posts: 18
Registered: ‎02-22-2008
Accepted Solution

Network Connect Logon Script

One of the shortcomings that I see with the SSL VPN is that you can't use <userAttr.scriptPath> for running a logon script for Network Connect.

Has anyone written a VBScript file that does the LDAP bind to pull and get this variable? You can then execute cscript with that .vbs file that you get back. Our AD infrastructure uses .vbs files for all user logons and I don't want to try and manually tie script files to user roles as they may change.

The only way I can see this scaling for a large organization is to have a .bat file (one thing SSL VPN accepts) that calls a .vbs file that will pull your scriptPath attribute and execute that with another cscript call.

Any other solutions?

New User
RichPhx
Posts: 1
Registered: ‎09-10-2008

Re: Network Connect Logon Script

Here is a script I did a couple years ago. Might be what you need.

'*  Purpose:           Script reads in scriptpath attribute from AD and runs their login script.  For Juniper VPN Users.
'*                       
'*
On Error Resume Next
Const ADS_SCOPE_SUBTREE = 2

Set objShell = WScript.CreateObject("WScript.Shell")
Set objNetwork = CreateObject("Wscript.Network")
strUser = objNetwork.UserName
wscript.echo "User: " & strUser

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = ("ADsDSOObject")
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection
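' String values in the ADSI SQL dialect must be enclosed in single quotes;
' without them the query fails and no user is found.
objCommand.CommandText = "SELECT samAccountName,scriptpath,ADsPath FROM " & _
    "'LDAP://dc=hotelgroup,dc=com' " & _
        "WHERE samAccountName = '" & strUser & "'"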
objCommand.Properties("SearchScope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute

If objRecordSet.RecordCount = 0 Then
    Wscript.Echo "User not found."
    Wscript.Quit
Else
    objRecordSet.MoveFirst

 Do Until objRecordSet.EOF
     Wscript.Echo objRecordSet.Fields("ADsPath").Value
     Wscript.Echo "Running login Script: " & objRecordSet.Fields("scriptpath").Value
     strScript = objRecordSet.Fields("scriptpath").Value
     objRecordSet.MoveNext
 Loop

End If

 'Launch Script

objShell.Run("%comspec% /c \\domain\netlogon\" & strScript ), 1, True

Wscript.echo "End of Script"
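
Another way to do what the script above does, as an added example that is not part of RichPhx's post: it reads scriptPath by binding to the logged-on user's own directory object instead of building a query from the user name, and checks the value before handing it to a shell. The `\\domain\netlogon\` root is the placeholder used in the thread, and the allowed extensions and characters are assumptions to adjust for your environment.

```vbscript
' Added example (not RichPhx's script). Assumes a domain-joined client that can
' reach a domain controller over the tunnel; NETLOGON_ROOT is a placeholder.
Option Explicit
Const NETLOGON_ROOT = "\\domain\netlogon\"

Function GetScriptPath()
    ' ADSystemInfo.UserName is the logged-on user's distinguished name, so the
    ' user object is bound directly and no query text is built from the name.
    Dim objSysInfo, objUser
    GetScriptPath = ""
    Set objSysInfo = CreateObject("ADSystemInfo")
    ' A "/" inside a DN must be escaped in an ADsPath.
    Set objUser = GetObject("LDAP://" & Replace(objSysInfo.UserName, "/", "\/"))
    On Error Resume Next          ' Get raises an error when scriptPath is unset
    GetScriptPath = objUser.Get("scriptPath")
    On Error GoTo 0
End Function

Function IsSafeScriptPath(strPath)
    ' Accept only a relative .vbs/.bat/.cmd path made of plain filename
    ' characters: no leading "\", no drive colon, no "..", no quotes or
    ' shell metacharacters such as & | % ^ < >.
    Dim objRe
    IsSafeScriptPath = False
    If IsNull(strPath) Or IsEmpty(strPath) Then Exit Function
    If InStr(strPath, "..") > 0 Then Exit Function
    Set objRe = New RegExp
    objRe.IgnoreCase = True
    objRe.Pattern = "^[a-z0-9_][a-z0-9_ .\\-]*\.(vbs|bat|cmd)$"
    IsSafeScriptPath = objRe.Test(strPath)
End Function

Dim objShell, strScript, strFull, strCmd
strScript = GetScriptPath()
If Not IsSafeScriptPath(strScript) Then
    WScript.Echo "No usable scriptPath for this user; nothing was run."
    WScript.Quit 1
End If
strFull = NETLOGON_ROOT & strScript
If LCase(Right(strScript, 4)) = ".vbs" Then
    strCmd = "cscript.exe //nologo """ & strFull & """"   ' VBScript logon script
Else
    strCmd = "%comspec% /c """ & strFull & """"           ' batch logon script
End If
Set objShell = CreateObject("WScript.Shell")
WScript.Quit objShell.Run(strCmd, 1, True)   ' wait and pass the exit code back
```

Leaving error handling on outside the one attribute read means a failed bind stops the script with a visible error instead of falling through to "user not found".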

Contributor
kcorace
Posts: 18
Registered: ‎02-22-2008

Re: Network Connect Logon Script

Thank you for saving me time. This is just what I needed.

Visitor
Mangolinux
Posts: 3
Registered: ‎04-01-2009

Re: Network Connect Logon Script

I tried this script and get a "user not found" error; however, this part (wscript.echo "User: " & strUser) returns the correct user.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.