Retrieving Basic Logon and Computer Information

  • Article

Microsoft® Windows® 2000 Scripting Guide

Logon scripts often require basic information about a user and his or her computer. For example, if you know the user name, you can connect to the user account object in Active Directory and determine the groups that the user belongs to. In turn, you can then make certain resources available to that user, depending on group membership. Of course, your ability to do that hinges on your ability to determine the name of the user who just logged on.

Likewise, if you know the computer name or the site name, you can map appropriate drives ahead of time for users. For example, a computer located at site A might have drives mapped to file server A, while a computer located at site B might have drives mapped to file server B.

Some of this information (user name, computer name, and domain name) can be returned using the Windows Script Host (WSH) Network object. However, there are at least two limitations to the Network object.

  • The Network object returns only the user logon name (for example, kenmeyer). By itself, this name cannot be used to bind to the user account object in Active Directory. Instead, you need a distinguished name similar to CN=KenMeyer, OU=Management, DC=Fabrikam, DC=com. The same is true for computers.

  • The Network object can return only the names of the user, the domain, and the computer; it cannot provide information about items such as the forest name or the site.

If you need this additional information, or if you need to bind to the user or computer account in Active Directory, you can instead use the IADsADSystemInfo interface, an ADSI interface implemented in the ADSystemInfo object (Activeds.dll). This object returns the attributes shown in Table 9.2.

Table 9.2 Attributes of the ADSystemInfo Object

Attribute

Description

UserName

Distinguished name for the logged-on user. The distinguished name is in the form CN=KenMeyer, OU=Management, DC=Fabrikam, DC=com.

ComputerName

Distinguished name for the computer account.

SiteName

Site in which the computer account is located.

DomainShortName

"Short name" for the domain. For example, the name na is returned for the domain na.fabrikam.com.

DomainDNSName

DNS name for the domain (for example, na.fabrikam.com).

ForestDNSName

DNS name for the forest (for example, fabrikam.com).

PDCRoleOwner

Distinguished name of the directory service agent that serves as the primary domain controller (PDC) emulator.

SchemaRoleOwner

Distinguished name of the directory service agent that serves as the schema master.

IsNativeMode

Boolean value that indicates whether the domain is in native mode.

Scripting Steps

Listing 9.1 contains a script that uses ADSystemInfo to return basic information about a computer and computer account. To carry out this task, the script must perform the following steps:

  1. Create an instance of the ADSystemInfo object.

  2. Echo the values of ADSystemInfo attributes such as user name, computer name, and site name.

Listing 9.1 Retrieving Basic Computer Information Using ADSystemInfo

   
1
2
3
4
5
6
7
8
9
10

Set objSysInfo = CreateObject("ADSystemInfo")
Wscript.Echo "User name: " & objSysInfo.UserName
Wscript.Echo "Computer name: " & objSysInfo.ComputerName
Wscript.Echo "Site name: " & objSysInfo.SiteName
Wscript.Echo "Domain short name: " & objSysInfo.DomainShortName
Wscript.Echo "Domain DNS name: " & objSysInfo.DomainDNSName
Wscript.Echo "Forest DNS name: " & objSysInfo.ForestDNSName
Wscript.Echo "PDC role owner: " & objSysInfo.PDCRoleOwner
Wscript.Echo "Schema role owner: " & objSysInfo.SchemaRoleOwner
Wscript.Echo "Domain is in native mode: " & objSysInfo.IsNativeMode