troubleshooting Question

At wit's end with group policy problem. Please HELP!!

Avatar of Jack Dee
Jack Dee asked on
Windows Server 2003
32 Comments1 Solution5243 ViewsLast Modified:
I am a Windows 2003 domain admin and  have a Group Policy that does not appear to be working.

For those familiar with Trend Micro OfficeScan anti-virus software, I am trying to setup a group policy that will cause the workstation computers to look at the antivirus server for the latest updates and each startup.  In addition, if the OfficeScan software is not installed on the workstation machine, the command will start the install.  (I'd like to be able to set it for user login, but it requires local admin rights to run.  Most domain users are only Power Users on their workstation computers.  If I can get it to run on computer startup, I will be happy)

Here is what the .bat script looks like:
---------------------------------------------------------------------------------------------------------
@echo off

net use B: /d
net use B: \\10.10.3.70\ofcscan

CD\
B:
autopccp.exe
C:
net use B: /d GOTO END

:END

EXIT
------------------------------------------------------------------------------------------------------------

This .bat file runs great on its own when ran on the workstation computer with my account.

The Group Policy is called OfficeScan.User.Policy.

The delegation permissions on this policy are as follows:

Authenticated Users - Read (from Security Filtering)
Domain Admins - Edit settings, delete, modify security
Domain Computers - Read (from Security Filtering)
Enterprise Admins - Domain Admins - Edit settings, delete, modify security
Enterprise Domain Controllers - Read
System - Edit settings, delete, modify security

Under edit, Computer Configuration, Windows Settings, Scripts (Startup/Shutdown), Startup, it points to the scsript location at \\domainname.com\sysvol\domainname.com\scripts\OUCode\OfficeScanSync.bat.

I have ran RSOP.msc and GPResult.  Both show that the GPO is indeed configured to run.

To test, I have uninstalled OfficeScan on a workstation computer that is part of the OU where the group policy is being applied.  To rule out policy conflicts, I have even linked the GPO under a seperate test OU with no other GPOs and Blocked Inheritance.  A test workstation computers that I am working on has been placed in that OU.  "gpupdate /force" has ben ran on that computer and a reboot has been initiated several times.  No luck.  I have other GPOs for things like font installs that are configured in much the same way, and they work great.  

At this point, I am not sure where the problem is and why the .exe in the script will not run on computer startup.  Please advise.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 32 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 32 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros