none
I'm looking for an HTA that will ask user to authenticate a user to an AD group and if successful run a program RRS feed

  • Question

  • is this even possible? I want to use this in WinPE to only allow certain users build machines with MDT. Is this possible with an HTA and VB?
    Monday, February 2, 2015 2:45 AM

Answers

  • It sounds like you have an MDT (deployment) question rather than a general scripting question.


    -- Bill Stewart [Bill_Stewart]

    Tuesday, January 20, 2015 6:12 PM
    Moderator

All replies

  • I am looking to create a script VB or Powershell that will ask the user for Domain creds, authenticate those creds, and if successfull, kick off  an .EX E.  Essentially I am looking have users authenticate to AD before MDT kicks off LiteTouch.wsf  Can anyone help?



    Tuesday, January 20, 2015 5:47 PM
  • Why don't the built-in operating system access control features work for you?

    -- Bill Stewart [Bill_Stewart]

    Tuesday, January 20, 2015 5:54 PM
    Moderator
  • In PowerShell,  if you want to present a credentials box you can use the Get-Credential command like this

    $cred = Get-Credential -UserName "Domain\" -Message "You must supply your credentials"

    The username and password will be stored in the variable $cred

    If you want to test authentication you can do something like this

    http://serverfault.com/questions/276098/check-if-user-password-input-is-valid-in-powershell-script


    Warm Fuzzies!

    Tuesday, January 20, 2015 5:54 PM
  • I will be happening in WinPE
    Tuesday, January 20, 2015 5:55 PM
  • It sounds like you have an MDT (deployment) question rather than a general scripting question.


    -- Bill Stewart [Bill_Stewart]

    Tuesday, January 20, 2015 6:12 PM
    Moderator

  • I need a script that will authenticate a user to a particular AD group, and if successful kick off an EXE. Which just happens to be cscript. I can run Powershell in WinPE, so it's not really a MDT (deployment)  because I know where and how to use it, I just don't know how to write it


    But I did post there, thanks


    I am looking for a script Powershell or VB that will authenticate a user to a group in AD, and if successful, kick off 
    Tuesday, January 20, 2015 6:32 PM
  • There is no such thing as authenticating to a group. Do you mean "test if a user is a member of an AD group"?

    -- Bill Stewart [Bill_Stewart]

    Tuesday, January 20, 2015 6:43 PM
    Moderator
  • if((Get-ADGroupMember -Identity "Your_Group" | Select Name) -match "$($currentuser)"){<#execute code here#>}

    #or

    if((Get-ADGroupMember -Identity "Your_Group" | Select Name) -match (Get-Credential).UserName){<#call exe#>}

    Of course $currentuser needs to be populated depending on how and where the script is going to be run from.

    $currentuser = $Env:USERNAME
    
    #or
    
    $currentuser = Read-Host "Enter your username"
    
    #or
    
    $currentuser = (Get-Credential).username



    PoSh is king





    • Edited by JL-4 Tuesday, January 20, 2015 7:40 PM
    Tuesday, January 20, 2015 7:35 PM
  • WinPE MDT has no access to AD CmdLets.  MDT has methods built-in to do what you are trying to do You can specify a rule based on a domain group.  MDT knows how to access AD before the computer is imaged and joined.  It can also set OU for the computer when joined based on many things including subnet and site.

    Post in MDT forum to learn how to use MDT to do all of this.


    ¯\_(ツ)_/¯


    • Edited by jrv Monday, February 2, 2015 3:35 PM
    Tuesday, January 20, 2015 8:12 PM