Solved

Login Script

Posted on 2004-09-24
31
757 Views
Last Modified: 2008-02-01
I am trying to run a installation of Altiris AClient using a batch file.  I want the script to run when the user logs into Windows.  I have created a OU but  I'm not sure how to get the script to run for this OU.  Can someone tell me how to do this as detailed as possible?
0
Comment
Question by:smartin0924
  • 14
  • 11
  • 4
  • +1
31 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 335 total points
Comment Utility
Windows Creating and editing group policy

Group policies can be applied on a domain or an Organisational Unit, to apply a group policy in a 2003 domain environment, do the following.

On a domain controller open "Active directory Users and computers"

NOTE: As said above you can apply a GP to an OU in this instance we will deal with a domain GP, if you are concerned with a GP for an OU insert the "OU name" instead of the "Domain Name"

1. Locate the domain (top of the Tree) and right click it, then select "Properties"
2. Select the group policy Tab.
3. You will see the Default domain policy (and any other policies applied at this level)
4. You can create another domain policy by clicking "New" giving it a name and configuring it"
5. Ensure the default domain policy is highlighted and select "Edit" (unless you are working on another policy)
6. The Group policy object editor will open.
7. You can now edit the policy and close the editor when you are finished.
8. Back in the domain properties click "apply" and "OK"

Troubleshooting Group Policy in Windows Server
http://www.microsoft.com/downloads/details.aspx?FamilyId=B24BF2D5-0D7A-4FC5-A14D-E91D211C21B2&displaylang=en

Group Policy Infrastructure White Paper
http://www.microsoft.com/downloads/details.aspx?FamilyId=D26E88BC-D445-4E8F-AA4E-B9C27061F7CA&displaylang=en

COMMON POLICIES

Logon Scripts
User Configuration > Windows Settings > Scripts > Logon
The script lives here (\\domain controller\sysvol\domain\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\User\Scripts\Logon)


or simply apply scripts to your users through their profile in AD users and computers
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
ok. I have followed the steps and created the GP, but where would i place my batch file in the GP
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
sorry.  didn't read the last sentence.
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
Its not working.  I have created a simple .bat file just to see if it would work and nothing happened.  The test was to just open a command window and ping a certain address until I stopped it.  Any Ideas?
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
Login scripts by default run completely hidden I believe, at least all of mine do when I use them as a GPO Login script.  Try having it make a file on the HD or make some other change you can see other than an interactive window
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
ok I create a simple bat to just make a folder called test.  Nothing Happened.  I am placing this on the OU just so you know.  Anything else i can try.
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
So on the OU you have a group policy that has a User Logon script, correct?  You also have a user placed into that OU and you are logging in as that user?
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
That is correct. I have placed myself in the OU for testing.
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
Where is the script located? Is it on a shared resource on the network, or when defining a login script, did you press "Show File" and drag you script there?  Then you should click on the Add button and select the script you want to run.  Also verify that your script does what you are requesting of it right now before making it part of the logon.
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
I have created a video that will show you what I did.  Can you send me your email address and i will send it to you.  It is a .swf file that I created with RoboDemo.  Nothing fancy but it will give you the idea of what i did.
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
Check my profile to see the e-mail address you can send it to.
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
Everything looks perfect.  If you run the batch file normally it creates the folder you specified?

Also, if you have more than one domain controller in your environment, you will need to wait 15 or so minutes for everything to replicate across the network.  What is the content of your test batch file?
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
md c:\testfile

This is all I am trying to do until I get it working.  I'm not sure what is going on with it.
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
You are logging into the domain from your computer, correct?
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 335 total points
Comment Utility


at the end of the login script put


md c:\documents and settings\%username%\testfile
echo login script run at %time% on %date%
echo press any key
pause

then you can see if its actually running
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
Sure that will work Pete?  I have about 6 scripts that run on a typical workstation on my domain, and none of my users see a box for the scripts.  Redirecting the output is how I check to see if they are running.

md "c:\documents and settings\%username%\testfile"
echo login script run at %time% on %date% >> "c:\documents and settings\%username%\testfile"
0
 
LVL 57

Expert Comment

by:Pete Long
Comment Utility
Not tried in on 2K3 but Ive had an echo command on screen, if your unsure put this in a second batch file and call it from the login script
0
 
LVL 1

Expert Comment

by:mclean01
Comment Utility
Why don't you just assign the software to the computers that you want it installed on (especially if its got an MSI package - just ditch the script)

1.  Open Active Directory Users and Computers snap-in and navigate to Active Directory container (domain or organizational unit) that contains the users or computers for which you want to manage software.

2.  Open the Group Policy snap-in to create a new (or edit an existing) Group Policy Object (GPO).

Open the Group Policy snap-in by right-clicking the Accounts OU, select Properties from the context menu, and then in the Accounts Properties dialog box, click the Group Policy tab. Then in the Accounts Property page, click the Group Policy tab, select New and type a name to create a new GPO, or select a GPO form the Group Policy Object Links list box, and click Edit. This opens the Group Policy snap-in.
 
3.  In the Group Policy snap-in, select either the User Configuration or the Computer Configuration node, double-click Software Settings, and then right-click Software Installation. This opens the Software Installation snap-in.

4.  Select Windows Installer package (.msi file) that you want to deploy from the software distribution point.
 
5.  Configure the software for management (associate any transforms and create any upgrade relationships).
 
6.  Assign the software to the computer.

When you assign it to a computer, the software is installed for all the users who use the computer the next time that the computer reboots
 
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
The file I am trying to push out does not have a .msi  only .exe  I will try the script listed above from PeteLong to see if this is going through. Will let you know.
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
UGH!!!!!  This is frustrating. This is not working.  Just a simple script and that doesnt even work.  I copied the script from above:

md c:\documents and settings\%username%\testfile
echo login script run at %time% on %date%
echo press any key
pause

Nothing is happening.  Is there anything I need to check to make sure I have my server configured correctly?
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
You will need quotes around "c:\documents and settings\%username%\testfile" to make it work properly.  I dont' think  the echos will work as you are thinking.
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
I checked the script and i do have "" around the command.  I took the script and i also placed it on the Domain Policy.  It still did not run the script.  I know the Default Domain Policy is working because I changed a setting within the policy to remove the Run command from the start menu.  So i know the policy is being pushed out but the script is not running.
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
You could try putting something like

net send mycomputer The script ran

replacing mycomputer with your computer name so it sends you a net send message to let you know it is working.  I assume you are logging in as an administrator that has permissions to create a folder?
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
I tried the net send computername "The script work!!!"   Nothing is happening.   I know XP creates a profile for users.  Is it possible that the profile is not actually going to the domain to authenticate but just going off of the local cached profile?
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
If you have restarted the computer recently then all should be good.  Is this a Win2k or WinXP machine?  If it is an XP machine, then go to the command prompt and type
gpupdate
to pull the latest group policy to the computer. You could also restart it just for good measure.  Make sure when you log in that you are logging into the domain.
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
I restart my machine everytime I make a change to the policy. Just to make sure.  I am logging into the domain. I have no clue what to try next.
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
Is there a way to run a command to make sure it is recognizing me in the group I am assigned to?  I created a test OU and placed myself in this group.  I want to make sure that it is recognizing me in this group.
0
 
LVL 17

Expert Comment

by:Eagle6990
Comment Utility
You could try making a goofy GPO setting, like no screensaver tab and check if that takes affect when you log in.
0
 
LVL 1

Assisted Solution

by:mclean01
mclean01 earned 165 total points
Comment Utility
0
 
LVL 1

Author Comment

by:smartin0924
Comment Utility
Well, I finally got it to work.  Heres what I did.  I deleted all of GPO.  I only had one in place so it was not a big deal.  If i navigated to WinNT/Sysvol/sysvol/Policies I noticed i had several different folders pointing to other GPO's that use to exist.  I deleted all of them except for the Default Domain Policy.  I then created one GPO and placed my script within that GPO.  It fired off without any problems.  I split the point among the three of you for helping me out and pointing me in directions that helped me come to my answer.  Thanks for your help.  It finally works.
0
 
LVL 57

Expert Comment

by:Pete Long
Comment Utility
ThanQ
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now