• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 862
  • Last Modified:

Login Scripts & Citrix

Hi All,

I have just installed a new XenApp Farm and I am having some issues with login scripts.

Basiscally our network login scripts do everything, map drives, add registry settings, printers and some other bits, which works fine on the network but is causing some issues when logging onto the Citrix Environment.

Is there a way for the login script to detect that the login is happening on a citrix server and then run a different login script?

Thanks very much.

Paul
0
essexboy80
Asked:
essexboy80
3 Solutions
 
Carl WebsterCommented:
Put your Citrix servers in a separate OU and Block Inheritance.
0
 
oBdACommented:
You can check the registry whether the machine is a terminal server or not and then run any combination of branching in the same script or calling external scripts.
The key to query is the REG_DWORD value "TSAppCompat" in "HKLM\System\CurrentControlSet\Control\Terminal Server"; if it's 1, it's a terminal server, 0 if not.
Example for a batch script:
for /f "tokens=3" %%a in ('reg query "HKLM\System\CurrentControlSet\Control\Terminal Server" /v "TSAppCompat" ^| find /i "TSApp"') do set /a IsTerminalServer=%%a
echo Terminalserver: %IsTerminalServer%

Open in new window

0
 
Joseph DalyCommented:
Also another possible way of doing this would be to check the computer names that the login script is running on. Something this at the beginning of the login script should do it.

This script will match the computername and if it matches jump to the citrix login scripts.

This code is the key if /I "%computername:~0,4%"=="xxxx"

What that does is matches the letters of a computername to your terminalserver. So if youir terminal server was named termserv1 you would put

if /I "%computername:~0,9%"=="termserv1"

If you had multiple terminal servers with similar names say termserv1 thru termserv5 you could do below and it would match all of them.

if /I "%computername:~0,8%"=="termserv"
if /I "%computername:~0,4%"=="xxxx" GOTO endbat
if /I "%computername:~0,8%"=="xxxxxxxx" GOTO endbat
if /I "%computername:~0,4%"=="xxxx" GOTO terminalserver

Normal login scripts go here

:terminalserver

Citrix login scripts go here.

Open in new window

0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 
essexboy80Author Commented:
Hi,

So this is now my login script :

%logonserver%\netlogon\kix32.exe %logonserver%\netlogon\kixtart.kix

%logonserver%\netlogon\Shortcuts.cmd

Basically am callign the Kix Script and then calling some PERL Scripts.

So given this is a logon.cmd file, what can I put in here before the KIX that checks if the user is logging into a Citrix Server and if they are go to a different script.

Thanks

Paul
0
 
oBdACommented:
Something like this (use CALL to start another batch script from a batch script, at least if you want to return to the first batch script!):
for /f "tokens=3" %%a in ('reg query "HKLM\System\CurrentControlSet\Control\Terminal Server" /v "TSAppCompat" ^| find /i "TSApp"') do set /a IsTerminalServer=%%a
if "%IsTerminalServer%"=="1" goto TerminalserverLogon
REM *** User is logging on to a workstation or member server
%logonserver%\netlogon\kix32.exe %logonserver%\netlogon\kixtart.kix
CALL %logonserver%\netlogon\Shortcuts.cmd

goto :eof
REM *** User is logging on to a terminal server
:TerminalserverLogon
%logonserver%\netlogon\kix32.exe %logonserver%\netlogon\terminalserver.kix
goto :eof

Open in new window

0
 
essexboy80Author Commented:
Hi,

What is the code in these lines below doing, just so I can understand it

for /f "tokens=3" %%a in ('reg query "HKLM\System\CurrentControlSet\Control\Terminal Server" /v "TSAppCompat" ^| find /i "TSApp"') do set /a IsTerminalServer=%%a
if "%IsTerminalServer%"=="1" goto TerminalserverLogon

0
 
oBdACommented:
It queries the registry value "TSAppCompat" in "HKLM\System\CurrentControlSet\Control\Terminal Server" and sets the environment variable "IsTerminalServer" to this value (0 or 1).
If it's 1, it then jumps to the label ":TerminalserverLogon".
0
 
essexboy80Author Commented:
Great Thanks All
0
 
Suhas .QA ManagerCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
oBdACommented:
Sorry, but http:#33496734 is not a valid solution. GPO based logon scripts are a user setting; blocking inheritance for computer accounts will not prevent logon scripts from running (unless combined with a loopback GP processing policy in replace mode). In addition, it would not prevent the legacy logon script specified in the user's AD properties from running.
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now