[Samba] Samba4 - mapping Network Drives based on Group membership

[Varoujan Avanessians]

Hi All

I have a problem running a logon script to map network drives based on
Group Membership. The script is a VBScript that resides in the netlogon
share. It Works just fine when the logged in user is a Domain Admin but
fails to get the Group information when logged in as a regular user. For
example when I login as administrator who is a member of every Group (For
test only  all the requested Drives are mapped. When I login as testuser1
who is a member of HR Group say,  only a Public drive is mapped and nothing
else.

This seems to be a permission issue querying  Active Directory, and I have
no idea on how to give users the permission to Query the AD in Samba4. Can
anyone help?

for reference here is the VBScript I use:


On Error Resume Next

Set objSysInfo = CreateObject("ADSystemInfo")
Set objNetwork = CreateObject("Wscript.Network")

strUserPath = "LDAP://" & objSysInfo.UserName
Set objUser = GetObject(strUserPath)

objNetwork.MapNetworkDrive "Z:", "\\10.100.1.128\Public"

For Each strGroup in objUser.MemberOf
    strGroupPath = "LDAP://" & strGroup
    Set objGroup = GetObject(strGroupPath)
    strGroupName = objGroup.CN




    Select Case strGroupName
        Case "HR"
            objNetwork.MapNetworkDrive "N:", "\\10.100.1.128\HR"

        Case "Engineering"
            objNetwork.MapNetworkDrive "y:", "\\10.100.1.128\Engineering"

        Case "Payroll"
            objNetwork.MapNetworkDrive "M:", "\\10.100.1.128\Payroll"

        Case "IT"
            objNetwork.MapNetworkDrive "O:", "\\10.100.1.128\Data"
            objNetwork.MapNetworkDrive "X:", "\\10.100.1.128\IT-APS"
    End Select
Next


Thanks

-- 
*Varouj (V.J.) Avanessians | Sr. Linux Sys Administrator | ACCO Engineered
Systems*
6265 San Fernando Rd | Glendale, California | 91201- 2214
(818)-730-5846 Mobile | (818)-244-6571 Main*
*