Solved

Login Script

Posted on 2004-09-24
31
758 Views
Last Modified: 2008-02-01
I am trying to run a installation of Altiris AClient using a batch file.  I want the script to run when the user logs into Windows.  I have created a OU but  I'm not sure how to get the script to run for this OU.  Can someone tell me how to do this as detailed as possible?
0
Comment
Question by:smartin0924
  • 14
  • 11
  • 4
  • +1
31 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 335 total points
ID: 12145786
Windows Creating and editing group policy

Group policies can be applied on a domain or an Organisational Unit, to apply a group policy in a 2003 domain environment, do the following.

On a domain controller open "Active directory Users and computers"

NOTE: As said above you can apply a GP to an OU in this instance we will deal with a domain GP, if you are concerned with a GP for an OU insert the "OU name" instead of the "Domain Name"

1. Locate the domain (top of the Tree) and right click it, then select "Properties"
2. Select the group policy Tab.
3. You will see the Default domain policy (and any other policies applied at this level)
4. You can create another domain policy by clicking "New" giving it a name and configuring it"
5. Ensure the default domain policy is highlighted and select "Edit" (unless you are working on another policy)
6. The Group policy object editor will open.
7. You can now edit the policy and close the editor when you are finished.
8. Back in the domain properties click "apply" and "OK"

Troubleshooting Group Policy in Windows Server
http://www.microsoft.com/downloads/details.aspx?FamilyId=B24BF2D5-0D7A-4FC5-A14D-E91D211C21B2&displaylang=en

Group Policy Infrastructure White Paper
http://www.microsoft.com/downloads/details.aspx?FamilyId=D26E88BC-D445-4E8F-AA4E-B9C27061F7CA&displaylang=en

COMMON POLICIES

Logon Scripts
User Configuration > Windows Settings > Scripts > Logon
The script lives here (\\domain controller\sysvol\domain\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\User\Scripts\Logon)


or simply apply scripts to your users through their profile in AD users and computers
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12145913
ok. I have followed the steps and created the GP, but where would i place my batch file in the GP
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12145962
sorry.  didn't read the last sentence.
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12146144
Its not working.  I have created a simple .bat file just to see if it would work and nothing happened.  The test was to just open a command window and ping a certain address until I stopped it.  Any Ideas?
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12146570
Login scripts by default run completely hidden I believe, at least all of mine do when I use them as a GPO Login script.  Try having it make a file on the HD or make some other change you can see other than an interactive window
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12146800
ok I create a simple bat to just make a folder called test.  Nothing Happened.  I am placing this on the OU just so you know.  Anything else i can try.
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12147101
So on the OU you have a group policy that has a User Logon script, correct?  You also have a user placed into that OU and you are logging in as that user?
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12147122
That is correct. I have placed myself in the OU for testing.
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12147281
Where is the script located? Is it on a shared resource on the network, or when defining a login script, did you press "Show File" and drag you script there?  Then you should click on the Add button and select the script you want to run.  Also verify that your script does what you are requesting of it right now before making it part of the logon.
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12147497
I have created a video that will show you what I did.  Can you send me your email address and i will send it to you.  It is a .swf file that I created with RoboDemo.  Nothing fancy but it will give you the idea of what i did.
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12147595
Check my profile to see the e-mail address you can send it to.
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12147665
Everything looks perfect.  If you run the batch file normally it creates the folder you specified?

Also, if you have more than one domain controller in your environment, you will need to wait 15 or so minutes for everything to replicate across the network.  What is the content of your test batch file?
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12147718
md c:\testfile

This is all I am trying to do until I get it working.  I'm not sure what is going on with it.
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12147817
You are logging into the domain from your computer, correct?
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 335 total points
ID: 12149793


at the end of the login script put


md c:\documents and settings\%username%\testfile
echo login script run at %time% on %date%
echo press any key
pause

then you can see if its actually running
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 17

Expert Comment

by:Eagle6990
ID: 12150517
Sure that will work Pete?  I have about 6 scripts that run on a typical workstation on my domain, and none of my users see a box for the scripts.  Redirecting the output is how I check to see if they are running.

md "c:\documents and settings\%username%\testfile"
echo login script run at %time% on %date% >> "c:\documents and settings\%username%\testfile"
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12150928
Not tried in on 2K3 but Ive had an echo command on screen, if your unsure put this in a second batch file and call it from the login script
0
 
LVL 1

Expert Comment

by:mclean01
ID: 12153638
Why don't you just assign the software to the computers that you want it installed on (especially if its got an MSI package - just ditch the script)

1.  Open Active Directory Users and Computers snap-in and navigate to Active Directory container (domain or organizational unit) that contains the users or computers for which you want to manage software.

2.  Open the Group Policy snap-in to create a new (or edit an existing) Group Policy Object (GPO).

Open the Group Policy snap-in by right-clicking the Accounts OU, select Properties from the context menu, and then in the Accounts Properties dialog box, click the Group Policy tab. Then in the Accounts Property page, click the Group Policy tab, select New and type a name to create a new GPO, or select a GPO form the Group Policy Object Links list box, and click Edit. This opens the Group Policy snap-in.
 
3.  In the Group Policy snap-in, select either the User Configuration or the Computer Configuration node, double-click Software Settings, and then right-click Software Installation. This opens the Software Installation snap-in.

4.  Select Windows Installer package (.msi file) that you want to deploy from the software distribution point.
 
5.  Configure the software for management (associate any transforms and create any upgrade relationships).
 
6.  Assign the software to the computer.

When you assign it to a computer, the software is installed for all the users who use the computer the next time that the computer reboots
 
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12159584
The file I am trying to push out does not have a .msi  only .exe  I will try the script listed above from PeteLong to see if this is going through. Will let you know.
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12162742
UGH!!!!!  This is frustrating. This is not working.  Just a simple script and that doesnt even work.  I copied the script from above:

md c:\documents and settings\%username%\testfile
echo login script run at %time% on %date%
echo press any key
pause

Nothing is happening.  Is there anything I need to check to make sure I have my server configured correctly?
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12163353
You will need quotes around "c:\documents and settings\%username%\testfile" to make it work properly.  I dont' think  the echos will work as you are thinking.
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12164124
I checked the script and i do have "" around the command.  I took the script and i also placed it on the Domain Policy.  It still did not run the script.  I know the Default Domain Policy is working because I changed a setting within the policy to remove the Run command from the start menu.  So i know the policy is being pushed out but the script is not running.
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12164166
You could try putting something like

net send mycomputer The script ran

replacing mycomputer with your computer name so it sends you a net send message to let you know it is working.  I assume you are logging in as an administrator that has permissions to create a folder?
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12164644
I tried the net send computername "The script work!!!"   Nothing is happening.   I know XP creates a profile for users.  Is it possible that the profile is not actually going to the domain to authenticate but just going off of the local cached profile?
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12164666
If you have restarted the computer recently then all should be good.  Is this a Win2k or WinXP machine?  If it is an XP machine, then go to the command prompt and type
gpupdate
to pull the latest group policy to the computer. You could also restart it just for good measure.  Make sure when you log in that you are logging into the domain.
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12164713
I restart my machine everytime I make a change to the policy. Just to make sure.  I am logging into the domain. I have no clue what to try next.
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12164731
Is there a way to run a command to make sure it is recognizing me in the group I am assigned to?  I created a test OU and placed myself in this group.  I want to make sure that it is recognizing me in this group.
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12164904
You could try making a goofy GPO setting, like no screensaver tab and check if that takes affect when you log in.
0
 
LVL 1

Assisted Solution

by:mclean01
mclean01 earned 165 total points
ID: 12165236
0
 
LVL 1

Author Comment

by:smartin0924
ID: 12179163
Well, I finally got it to work.  Heres what I did.  I deleted all of GPO.  I only had one in place so it was not a big deal.  If i navigated to WinNT/Sysvol/sysvol/Policies I noticed i had several different folders pointing to other GPO's that use to exist.  I deleted all of them except for the Default Domain Policy.  I then created one GPO and placed my script within that GPO.  It fired off without any problems.  I split the point among the three of you for helping me out and pointing me in directions that helped me come to my answer.  Thanks for your help.  It finally works.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12181489
ThanQ
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Need the Best Data Leakage Protection (Cloud Based) 1 356
VSS on host & VM 10 400
create a second domain controller and then make primary controller 9 540
Windows Foriegn Disk 3 130
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Fine Tune your automatic Updates for Ubuntu / Debian
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now