2017-12-14
508
Для организации гибкого управления правами учётными записями пользователя необходимо выполнить настройку Active Directory. В Active Directory необходимо создать групы пользователй и самих пользователей с указанием пароля для них в соответствии с требованиями политики безопасности.
Рис. 3.5 – Типы пользователей домена
Рис. 3.6 – Группы домена
Рис. 3.7 – Свойства ргруппы
Рис. 3.8 – Свойства пользователя
Как видно из примера, пользователь Pronin имеет права администратора домена и состоит в группе SVT, которая является группой сотрудников ИТ отдела. Все остальные учётные записи имеют права пользователей домена.
После настройки Active Directory следует включить в компонентах диспетчера сервера, далее Управление групповой политикой скрипт входа в систему для оптимизации печати и поиска файлов в сети.
On Error Resume Next
Set Shell = CreateObject("WScript.Shell")
Set Network = CreateObject("WScript.Network")
Set MSIE = CreateObject("InternetExplorer.Application")
Set Filesys = CreateObject("Scripting.FileSystemObject")
sTitle = "Вход в сеть..."
sym = 0
SetupMSIE
MSIE.Document.Write "<HTML><TITLE>" & sTitle & _
"</Title><BODY bgcolor=#b9b9e9><FONT FACE=ARIAL size=2>"
If Hour(Now)<12 Then
MSIE.Document.Write "<B>Доброе утро коллега, " & Network.userName & ".</B> <BR> <BR>"
ElseIf Hour(Now)<18 Then
MSIE.Document.Write "<B>Добрый день коллега, " & Network.userName & ".</B> <BR> <BR>"
Else
MSIE.Document.Write "<B>Добрый вечер коллега, " & Network.userName & ".</B> <BR> <BR>"
End If
' ИТ
AddDrv "X:","\\srv-fs1\Distrib2",sym,"svt"
AddDrv "P:","\\srv-fs1\svt",sym,"svt"
AddPrn "SRV-print","SamsungSVT","",sym,"svt"
' СОВД
AddDrv "P:","\\srv-fs1\plotter",sym,"sovd"
AddDrv "Z:","\\srv-fs1\sovd",sym,"sovd"
AddDrv "N:","\\srv-fs1\BGI",sym,"sovd"
AddDrv "I:","\\srv-fs1\Проекты",sym,"sovd"
AddPrn "SRV-PRint","hplj5200sovd","",sym,"sovd"
' Архитектурно-строительный комплекс
AddDrv "N:","\\srv-fs1\Architects",sym,"arch"
AddDrv "P:","\\srv-fs1\plotter",sym,"arch"
AddDrv "M:","\\srv-fs1\OTPRAVKA",sym,"arch"
AddDrv "X:","\\srv-fs1\POWER Complex",sym,"arch"
AddDrv "G:","\\srv-fs1\Technology",sym,"arch"
AddDrv "K:","\\srv-fs1\Sekretariat",sym,"arch"
AddDrv "Z:","\\srv-fs1\sovd",sym,"arch"
AddPrn "SRV-print","HPLJ5200k602","",sym,"arch"
AddDrv "J:","\\srv-fs1\BGI",sym,"arch"
AddPrn "SRV-print","HPLJ5200k608","",sym,"arch"
AddDrv "S:","\\srv-fs1\Проекты",sym,"arch"
' Энергетический комплекс
AddPrn "SRV-print","HPLJ4350k502","",sym,"power"
AddPrn "SRV-print","HPLJ4350k506","",sym,"power"
AddPrn "SRV-print","Samsungmlpower","",sym,"power"
AddDrv "P:","\\srv-fs1\plotter",sym,"power"
AddDrv "M:","\\srv-fs1\otpravka",sym,"power"
AddDrv "X:","\\srv-fs1\POWER Complex",sym,"power"
AddDrv "N:","\\srv-fs1\Architects",sym,"power"
AddDrv "K:","\\srv-fs1\Sekretariat",sym,"power"
AddDrv "G:","\\srv-fs1\Technology",sym,"power"
AddPrn "SRV-print","HP1022k501","",sym,"power"
AddDrv "I:","\\srv-fs1\Проекты",sym,"power"
' Технологический комплекс
AddDrv "P:","\\srv-fs1\plotter",sym,"tech"
AddDrv "Z:","\\srv-fs1\otpravka",sym,"tech"
AddDrv "G:","\\srv-fs1\Technology",sym,"tech"
AddDrv "K:","\\srv-fs1\Sekretariat",sym,"tech"
AddDrv "X:","\\srv-fs1\POWER Complex",sym,"tech"
AddDrv "N:","\\srv-fs1\Architects",sym,"TECH"
AddDrv "J:","\\srv-fs1\BGI",sym,"tech"
AddPrn "SRV-print","HPLJ4350k702","",sym,"tech"
AddPrn "SRV-print","LJ4350k704","",sym,"tech"
AddDrv "I:","\\srv-fs1\Проекты",sym,"tech"
' БГИ
AddDrv "N:","\\srv-fs1\BGI",sym,"SGI"
AddDrv "J:","\\srv-fs1\otpravka",sym,"SGI"
AddDrv "G:","\\srv-fs1\Technology",sym,"SGI"
AddDrv "X:","\\srv-fs1\POWER Complex",sym,"SGI"
AddDrv "Z:","\\srv-fs1\Architects",sym,"SGI"
AddDrv "K:","\\srv-fs1\Sekretariat",sym,"SGI"
AddDrv "H:","\\srv-fs1\PLAN",sym,"SGI"
AddDrv "I:","\\srv-fs1\Проекты",sym,"SGI"
AddPrn "SRV-print","SamsungML4550SGI","",sym,"SGI"
' Служба качества
AddDrv "J:","\\srv-fs1\BGI",sym,"SK"
AddDrv "N:","\\srv-fs1\SK",sym,"SK"
AddDrv "K:","\\srv-fs1\Sekretariat",sym,"SK"
AddDrv "Z:","\\srv-fs1\sovd",sym,"SK"
AddDrv "I:","\\srv-fs1\Проекты",sym,"SK"
' Бухгалтерия
AddDrv "G:","\\srv-fs1\PLAN",sym,"buH"
AddDrv "Y:","\\srv-Buh\BUH",sym,"buH"
AddPrn "SRV-print","SamsungMLBUH","",sym,"BUH"
AddDrv "I:","\\srv-fs1\Проекты",sym,"BUH"
'СДПК
AddDrv "G:","\\srv-fs1\PLAN",sym,"plan"
AddDrv "N:","\\srv-fs1\BGI",sym,"PLAN"
AddDrv "K:","\\srv-fs1\Sekretariat",sym,"PLAN"
AddDrv "I:","\\srv-fs1\Проекты",sym,"PLAN"
AddPrn "SRV-print","SamsungmlPlan","",sym,"PLAN"
AddDrv "I:","\\srv-fs1\Проекты",sym,"SMETA"
'Секретариат OSPB
AddDrv "K:","\\srv-fs1\Sekretariat",sym,"OSPB"
AddDrv "N:","\\srv-fs1\BGI",sym,"OSPB"
AddDrv "Y:","\\srv-fs1\otpravka",sym,"OSPB"
AddDrv "G:","\\srv-fs1\Technology",sym,"OSPB"
AddDrv "X:","\\srv-fs1\POWER Complex",sym,"OSPB"
AddDrv "Z:","\\srv-fs1\Architects",sym,"OSPB"
AddDrv "I:","\\srv-fs1\Проекты",sym,"OSPB"
AddDrv "M:","\\srv-fs1\sovd",sym,"OSPB"
'ОТС
AddDrv "K:","\\srv-fs1\Sekretariat",sym,"OTS"
AddDrv "N:","\\srv-fs1\BGI",sym,"OTS"
AddDrv "J:","\\srv-fs1\OTS",sym,"OTS"
AddDrv "Z:","\\srv-fs1\sovd",sym,"OTS"
AddDrv "I:","\\srv-fs1\Проекты",sym,"OTC"
'-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
If sym <> 0 Then
ErrorKey
MSIE.Document.Write "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-<BR>"
MSIE.Document.Write " <B>Перегрузите компьютер, если ошибка повторилась, то позвоните в отдел информационных технологий тел.420, тел.337."
Else
MSIE.Document.Write "<BR><B><font size=1>Окно закроется через 3 секунды </B><BR>"
WScript.Sleep 3000
MSIE.Quit
End If
'-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Function AddPrn (PServer,DPrinter,Port,Sym,GroupName) 'ПОДКЛЮЧЕНИЕ СЕТЕВОГО ПРИНТЕРА
On Error Resume Next
Dim Group 'As IADsGroup
Dim GroupDomain 'As String
Dim User 'As IADsUser
Dim UserName 'As String
Dim UserDomain 'As String
UserName = Network.UserName
UserDomain = Network.UserDomain
GroupDomain = UserDomain
Set User = GetObject("WinNT://" & UserDomain & "/" & UserName & ",user")
Set Group = GetObject("WinNT://" & GroupDomain & "/" & GroupName & ",group")
Flg = Group.IsMember(User.ADsPath)
If Flg <> 0 Then
MSIE.Document.Write "<B>Подключение принтера " & DPrinter & "</B><BR>"
Network.AddWindowsPrinterConnection "\\" & PServer & "\" & DPrinter
If Err.Number <>0 and Not Err.Number =424 Then
MSIE.Document.Write "<font color=880000>  Ошибка подключения принтера " & DPrinter & "<BR>" & "  " & Err.Description & "<font color=000000><BR>"
Sym=Sym+1
Else
MSIE.Document.Write "  Принтер " & DPrinter & " успешно подключен " & "<BR>"
End If
Network.AddPrinterConnection Port, "\\" & PServer & "\" & DPrinter
If Err.Number = 0 or Err.Number = 424 Then
MSIE.Document.Write "   <font color=000000>Принтер " & DPrinter & " успешно подключен к " & Port & "</Font><BR>"
End If
End If
End Function
'-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Function RemovePrn (PServer,DPrinter,Port,Sym,GroupName) 'ОТКЛЮЧЕНИЕ СЕТЕВОГО ПРИНТЕРА
On Error Resume Next
Dim Group 'As IADsGroup
Dim GroupDomain 'As String
Dim User 'As IADsUser
Dim UserName 'As String
Dim UserDomain 'As String
UserName = Network.UserName
UserDomain = Network.UserDomain
GroupDomain = UserDomain
Set User = GetObject("WinNT://" & UserDomain & "/" & UserName & ",user")
Set Group = GetObject("WinNT://" & GroupDomain & "/" & GroupName & ",group")
Flg = Group.IsMember(User.ADsPath)
If Flg <> 0 Then
MSIE.Document.Write "<B>Отключение принтера " & DPrinter & "</B><BR>"
Network.RemovePrinterConnection "\\" & PServer & "\" & DPrinter
If Err.Number <>0 and Not Err.Number =424 Then
MSIE.Document.Write "<font color=880000>  Ошибка Отключения принтера " & DPrinter & "<BR>" & "  " & Err.Description & "<font color=000000><BR>"
Sym=Sym+1
Else
MSIE.Document.Write "  Принтер " & DPrinter & " успешно отключен " & "<BR>"
End If
Network.RemovePrinterConnection Port, "\\" & PServer & "\" & DPrinter
If Err.Number = 0 or Err.Number = 424 Then
MSIE.Document.Write "   <font color=000000>Принтер " & DPrinter & " успешно отключен к " & Port & "</Font><BR>"
End If
End If
End Function
'-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Function AddDrv (Drive,Share,sym,GroupName) 'ПОДКЛЮЧЕНИЕ СЕТЕВОГО ДИСКА
On Error Resume Next
Dim Group 'As IADsGroup
Dim GroupDomain 'As String
Dim User 'As IADsUser
Dim UserName 'As String
Dim UserDomain 'As String
UserName = Network.UserName
UserDomain = Network.UserDomain
GroupDomain = UserDomain
Set User = GetObject("WinNT://" & UserDomain & "/" & UserName & ",user")
Set Group = GetObject("WinNT://" & GroupDomain & "/" & GroupName & ",group")
Flg2 = Group.IsMember(User.ADsPath)
If Flg2 <> 0 Then
MSIE.Document.Write "<B> Подключение диска " & Drive & " к " & Share & "...</b><BR>"
If filesys.FolderExists(Drive) Then
Network.RemoveNetworkDrive Drive
End If
Network.MapNetworkDrive Drive, Share
If Err.Number = 0 or Err.Number = 424 or Err.Number = 13 Then
MSIE.Document.Write " Диск успешно подключен<BR>"
Else
MSIE.Document.Write "<font color=880000> Ошибка подключения диска " & Drive & " к " & Share & "<BR>" & "  " & Err.Description & "<font color=000000><BR>"
sym=sym+1
End If
End If
End Function
'-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Sub SetupMSIE
MSIE.Navigate "About:Blank"
MSIE.ToolBar = False
MSIE.StatusBar = False
MSIE.Resizable = False
Do
Loop While MSIE.Busy
Swidth = MSIE.Document.ParentWindow.Screen.AvailWidth
SHeight = MSIE.Document.ParentWindow.Screen.AvailHeight
MSIE.Width = SWidth/1.5
MSIE.Height = SHeight/1.5
MSIE.Left = (SWidth-MSIE.Width)/1.5
MSIE.Top = (SHeight-MSIE.Height)/1.5
MSIE.Visible = True
End Sub
'-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Результат выполнения данного скрипта:
Рис 3.9 – Результат выполнения скрипта входа в систему
