Solved

Logon scripts permission issues on windows 7

Posted on 2010-09-02
7
616 Views
Last Modified: 2012-05-10
I have written a logon script to map a printer on my domain. originally we had only XP machines, now we have added 12 windows 7 machines. The script runs fine on the xp, but standard users get access denied errors when they log on to a win7 machine and the script attempts to run. Below is a copy of the code in the script. I want to know if there is way to insert some sort of code that will allow the script to run with the appropriate permissions even if a standard user logs on the a win 7 machine.
****************************************************start code****************************************
'Written by Zay Scott on 1\18\10
'This is a script to map printers
'The script also sets the default printer as well

Option Explicit

Dim objNetwork, strUNCPrinter1, strUNCPrinter2
strUNCPrinter1 = "\\tb-dc01\Savin_C9020"
strUNCPrinter2 = "\\tb-dc01\Savin8025"

Set objNetwork = CreateObject("WScript.Network")
objNetwork.AddWindowsPrinterConnection strUNCPrinter1
objNetwork.SetDefaultPrinter strUNCPrinter1
'WScript.Echo "Username: " & WshNetwork.UserName

WScript.Quit
0
Comment
Question by:xzay1967
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 65

Expert Comment

by:RobSampson
ID: 33592999
Can you browse manually to the print server, right click the printer, and click Connect?

If you still get access denied errors, then your policy must be disabling the ability for users to install the drivers.

Regards,

Rob.
0
 

Author Comment

by:xzay1967
ID: 33595677
I have not tried that, but the issue is generated when the driver needs to be installed. For the time being, I have logged on as admin, installed the driver. When the standard user logs on, the driver is already installed, and the printer is added. Luckily there are only 12 win7 machines, but  would still like to know how to write the script so that when it runs, it has elevated rights and installs the driver for the standard users.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 33596067
To elevate a logon script, you will need the administrator password somehow coded into it together with some runas tool. You should use GPO printer deployment.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:xzay1967
ID: 33597582
So if I use a GPO instead of a log on script, that would eliminate the permission issue? I honestly think this is a windows  7 specific issue; there is no permission issue when logging to an XP machine. I somewhere that disabling UAC should take care of it. I don't want to do that, that only circumvents the issue not solve it. I do appreciate the input so far.
0
 
LVL 55

Accepted Solution

by:
McKnife earned 500 total points
ID: 33598538
If your xp users are either admins or power users, they can install printers.
On vista/win7, users have to be admins (power users don't exist in vista/win7) AND the actions theydo respectively the scripts they execute have to run elevated - by default they don't - that's UAC.

GPO printer deployment is running elevated by default.
0
 

Author Comment

by:xzay1967
ID: 33598722
I will try the GPO option and see how that works. But does the GPO take of the driver installation issue as well? The scripts fine, it is the driver installation portion that triggers the permission error.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 33598735
Yes, it does.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question