0

I want to alter the logon.bat script for our AD users (Windows XP/vista/7 machines and a few servers), so that it writes an environmental variable upon login based on some AD information, like "what group is the user in".

Basically: SET MyADGroup=<some magic query/command that can get that AD information here>

Some Google searches got me into dsget and so on, but that was only on servers and not built into any "normal client".

HopelessN00b
  • 53,795
  • 33
  • 135
  • 209
Ralf
  • 1
  • 1
    This seems silly for any number of reasons - including the fact that a user might be in more than one group. Can you tell us what problem you're actually trying to solve? – mfinni May 12 '11 at 13:00

2 Answers2

1

I would think it would be easier to use GPP:

http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Preferences-Get-Them-Running-Today.html

joeqwerty
  • 109,901
  • 6
  • 81
  • 172
0

You can get a list of the groups a user belongs to using the "NET USER" command:

net user <username> /domain

The command provides lots of informations, including group membership; but storing that in a variable can get tricky, because you would need to parse the command's output.

Massimo
  • 70,200
  • 57
  • 200
  • 323