Problem running computer logon script from netlogon share

Posted on 2009-04-28
Last Modified: 2012-05-06
I have a computer logon script (under admin templates/System/Logon) that is a simple vb script to rename my computer. Code attached.

It runs fine if I enter the path as \\server1\netlogon\script.vbs.

If I enter the path as \\domain.local\netlogon\script.vbs, users are prompted to run the script.

I'd like to resolve this because I don't like having to reconfigure (or at least check) GPOs whenever a DC is demoted.
Const MY_COMPUTER = &H11&

Set objNetwork = CreateObject("Wscript.Network")

strComputer = objNetwork.ComputerName

Set objShell = CreateObject("Shell.Application")

Set objFolder = objShell.Namespace(MY_COMPUTER) 

Set objFolderItem = objFolder.Self

objFolderItem.Name = "My Computer " & strComputer

Open in new window

Question by:jonhicks
    LVL 82

    Accepted Solution

    The users are probably prompted because "domain.local" isn't recognized as Local Intranet in the security settings of IE.
    There's an easy solution: use %Logonserver% instead of "\\server1" (%LogonServer% DOES include the two leading backslashes); %LogonServer% contains the DC which just authenticated the user, so in all likelihood, it's running ...
    LVL 4

    Author Comment

    Yup, you're right. If I use windows explorer and browse to \\server1\netlogon\ and launch the script, it runs without a warning. If I run it from \\domain.local\netlogon, it throws up the security warning.

    If I add file://*domain.local to the local Intranet zone in IE, it works without the warning.

    I tried setting the script path as %logonserver%\netlogon\script.vbs but it didn't run. Not sure if you can only call this variable from inside a script? Nothing in the event log.
    LVL 4

    Author Comment

    Resolved the problem by running a computer startup script to add file://*.domain.local to the Local Intranet zone.

    computer logon scripts run from \\domain.local\netlogon now run without a security warning.

    Odd that this only affected computer logon scripts and not user logon scripts (which run fine without a warning).
    On Error Resume Next
    Const HKEY_LOCAL_MACHINE = &H80000002
    strComputer = "."
    Set objReg=GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
    strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" _
        & "ZoneMap\Domains\domain.local"
    objReg.CreateKey HKEY_LOCAL_MACHINE, strKeyPath
    strValueName = "file"
    dwValue = 1
    objReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, dwValue

    Open in new window


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    It is a known fact that servers reach the end of their lives. Some get there quicker than others, based on age, manufacturer, usage and several other factors. However, if your organization has spent time deploying Microsoft's Active Directory server…
    I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now