• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 622
  • Last Modified:

Logon scripts permission issues on windows 7

I have written a logon script to map a printer on my domain. originally we had only XP machines, now we have added 12 windows 7 machines. The script runs fine on the xp, but standard users get access denied errors when they log on to a win7 machine and the script attempts to run. Below is a copy of the code in the script. I want to know if there is way to insert some sort of code that will allow the script to run with the appropriate permissions even if a standard user logs on the a win 7 machine.
****************************************************start code****************************************
'Written by Zay Scott on 1\18\10
'This is a script to map printers
'The script also sets the default printer as well

Option Explicit

Dim objNetwork, strUNCPrinter1, strUNCPrinter2
strUNCPrinter1 = "\\tb-dc01\Savin_C9020"
strUNCPrinter2 = "\\tb-dc01\Savin8025"

Set objNetwork = CreateObject("WScript.Network")
objNetwork.AddWindowsPrinterConnection strUNCPrinter1
objNetwork.SetDefaultPrinter strUNCPrinter1
'WScript.Echo "Username: " & WshNetwork.UserName

WScript.Quit
0
xzay1967
Asked:
xzay1967
  • 3
  • 3
1 Solution
 
RobSampsonCommented:
Can you browse manually to the print server, right click the printer, and click Connect?

If you still get access denied errors, then your policy must be disabling the ability for users to install the drivers.

Regards,

Rob.
0
 
xzay1967Author Commented:
I have not tried that, but the issue is generated when the driver needs to be installed. For the time being, I have logged on as admin, installed the driver. When the standard user logs on, the driver is already installed, and the printer is added. Luckily there are only 12 win7 machines, but  would still like to know how to write the script so that when it runs, it has elevated rights and installs the driver for the standard users.
0
 
McKnifeCommented:
To elevate a logon script, you will need the administrator password somehow coded into it together with some runas tool. You should use GPO printer deployment.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
xzay1967Author Commented:
So if I use a GPO instead of a log on script, that would eliminate the permission issue? I honestly think this is a windows  7 specific issue; there is no permission issue when logging to an XP machine. I somewhere that disabling UAC should take care of it. I don't want to do that, that only circumvents the issue not solve it. I do appreciate the input so far.
0
 
McKnifeCommented:
If your xp users are either admins or power users, they can install printers.
On vista/win7, users have to be admins (power users don't exist in vista/win7) AND the actions theydo respectively the scripts they execute have to run elevated - by default they don't - that's UAC.

GPO printer deployment is running elevated by default.
0
 
xzay1967Author Commented:
I will try the GPO option and see how that works. But does the GPO take of the driver installation issue as well? The scripts fine, it is the driver installation portion that triggers the permission error.
0
 
McKnifeCommented:
Yes, it does.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now