Solved

How to stop user's logon script while login to terminal server

Posted on 2006-11-01
7
443 Views
Last Modified: 2013-11-21
I am using some winodws 2003 servers running citrix PS 4 over terminal services. There are users located worldwide on different sites and runs different login script defined in their profile in AD.

The same logon scripts get executed on terminal servers which are trying to map resources over WAN, causing session slow/hung. I want to apply some solution on terminal servers so that any user's logon script witll not be execued on these servers.

One solution is to modify logon script, but it is difficult for large no. of users using different logon scripts.
0
Comment
Question by:STNoida
7 Comments
 
LVL 4

Accepted Solution

by:
Shankadude earned 84 total points
Comment Utility
I'm not sure, haven't tested it, but perhaps you could set the security on the script so that it woud give a deny to the computer accounts of the Citrix computers.

Best solution however IMHO is to do this in the logon script. Make a standard logon script in which the basic settings are made and create sub scripts when it is necessary based on groups, IP ranges, computernames etc.

Then you can use the TSCLIENT variable to differentiate between normal clients and clients connecting to Citrix.

0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 83 total points
Comment Utility
I've seen this part of Shankadude's comment recommended in most Network Security/Management classes I've attended.

"create sub scripts when it is necessary based on groups"

Manage the whole thing by 'Groups', not individuals.

Vic
0
 
LVL 38

Assisted Solution

by:Shift-3
Shift-3 earned 83 total points
Comment Utility
One way to do this would be to deploy logon scripts in Group Policy Objects instead of by setting them in each user's profile.  You could then enable Loopback Processing in Replace mode on the Terminal Servers to override the users' policy settings.

http://support.microsoft.com/kb/260370
http://support.microsoft.com/kb/231287
0
 

Author Comment

by:STNoida
Comment Utility
Hi All,

All these workarounds have been already tried, but I am looking for solution which can be implemented on Terminal server level, which can ignore the effect of login script assigned in users profile.

Modifying script is a solution, but this cannot be done for large no. of users located worldwide.

Thanks for all suggestions.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
Windows 10 is here and for most admins this means frustration and challenges getting that first working Windows 10 image. As in my previous sysprep articles, I've put together a simple help guide to get you through this process. The aim is to achiev…
This video discusses moving either the default database or any database to a new volume.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now