Using Group Policy, I have assigned a shutdown script to domain computers, that will let me know when computers are off or on, and if they need Windows Updates, so I can use WoL to power up the machines at night and install the patches, then shut them back down.
The VBScript checks the status of updates using a registry key, and if it has updates waiting to install, it connects to an SQL database (SQL Server 2000) and inserts a record. Later, a script will use the record in that database to wake up machines.
The VBScript works great as long as I run it as a domain user account (using Integrated Security=SSPI;Persist Security Info=True in the connection string). However, when I assign it to run as a Shutdown Script via Group Policy, I get an access denied error:
Error: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
Computer Shutdown Scripts run as the LocalSystem account. I already knew this - I had to grant "Domain Computers" permissions to the share where the scripts are located so they could run them.
On my SQL server, I added the "Domain Computers" group and gave it permissions to write to the database, but adding the group to SQL Server this way doesn't seem to work like it does with normal NTFS file shares.
Does anyone know a way to allow domain computer accounts to authenticate with SQL? I need these to run as shutdown scripts - not log off scripts - and I REALLY don't want to put any domain credentials in the scripts in plain text.
Thanks in advance
(My vbscript code is below, in case it helps)
'On Error Resume Next
Const wbemFlagReturnImmediately = &h10
Const wbemFlagForwardOnly = &h20
'Database connection string for SystemsInventory
Const strConnect = "Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security Info=True;Initial Catalog=SystemsInventory;Data Source=NAS-LCLSYDB01"
'Create database connection
set adbConn = CreateObject("ADODB.Connection")
'Create Connection to the Record Set
set adbRS = CreateObject("ADODB.RecordSet")
'Collect and store the following info for inventory:
set WshNetwork = WScript.CreateObject("WScript.Network")
strComputerName = WshNetwork.ComputerName
'IP and MAC Address
Set objWMIService = GetObject("winmgmts:\\" & strComputerName & "\root\CIMV2")
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True", "WQL", _
wbemFlagReturnImmediately + wbemFlagForwardOnly)
For Each objItem In colItems
if not IsNull(objItem.IPAddress) Then
strIPAddress = Join(objItem.IPAddress, ",")
strNetwork = Left(strIPAddress,5)
if strNetwork = "10.13" Then
strRealIP = strIPAddress
strMacAddress = objItem.MACAddress
'Time of Shutdown
strShutDnTime = Date & " " & Time
'Open the Database Connection
'Open the Record Set for modification
'Prepare records to insert
adbRS("ComputerName") = strComputerName
adbRS("ShutDownTime") = strShutDnTime
adbRS("IPAddress") = strRealIP
adbRS("MacAddress") = strMacAddress
'Close the Connections