Solved

Trouble getting script to run via GPO in 2008 R2

Posted on 2010-09-10
12
359 Views
Last Modified: 2012-05-10
I'm trying to get used to the GPO interface in 2008 R2.

I created a simple login script that maps a drive. I tested it under the AD account login settings, and it works fine.

I then copied it into the NetLogin location way down the policy tree and applied it as a single policy to the OU.

However, when I log in as a user in that Employees OU, I don't get the drive mapping. If I run GPResult on the user account, I can see the login script, although it's in the Default Domain Policy instead of in the Employees OU as I had intended.

Also, it says that "This script has not been executed."

When I look at the script in GPMC, it does not say Enforced (don't know what that means).

So:
1. How do I apply this only to the Employee OU?
2. What do I need to change to get the script to run?

Thanks.
0
Comment
Question by:ovidbailey
  • 7
  • 4
12 Comments
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 33650832
What OS is it failing on?
0
 

Author Comment

by:ovidbailey
ID: 33651062
Server 2008 R2
0
 
LVL 39

Expert Comment

by:Adam Brown
ID: 33651152
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 39

Expert Comment

by:Adam Brown
ID: 33651156
Well, no need for drive mapping scripts, anyway :D
0
 

Author Comment

by:ovidbailey
ID: 33651770
Yeah, I understand, but I'm just using the login script as a test of (a) getting any script to run and (b) getting it associated with only one OU rather than the domain.
0
 

Author Comment

by:ovidbailey
ID: 33651914
So the original question is, within the GUI of 2008 R2, (a) how do I apply this only to the Employees OU and (b) why would it not be running?
0
 
LVL 39

Expert Comment

by:Adam Brown
ID: 33651915
To troubleshoot that, you'll need to try running the command as it shows up in the script as the user. The problem is probably not with the policy, but where the file is located. I've personally never been a big fan of storing scripts in sysvol (partly because I've never gotten it to work right), If you have it in a location where the policy is being applied properly, you should only need to link the policy to the OU that you want and unlink it from all others.
0
 

Author Comment

by:ovidbailey
ID: 33651943
But this is quite different from the UI in 2000 and 2003. That's the process that I can't figure out - how do I unlink it from all the others?
0
 

Author Comment

by:ovidbailey
ID: 33651952
BTW, under that account, I can open the command prompt, navigate to the Sysvol folder, and run the script from there without a problem.
0
 
LVL 39

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 33651963
To remove the link, expand the OU, right click the GPO, and click Delete. You'll be prompted with a notice that tells you deleting it will delete the link and not the GPO, click yes and the link is removed.
0
 

Author Comment

by:ovidbailey
ID: 33652033
OK, so that solved item (1), I think.

RSOP gives the result that I would expect (when I link the GPO to the OU), but GPResult's does not show the problematic script.

So RSOP shows it, but GPResult /user /v does not.

I gotta have something screwed up. I'll try your suggestion of putting the scripts into a different folder and see if that makes a difference.

Think I'll get some sleep and hit this in the morning when I'm fresh. Will update you then. Thanks.
0
 

Author Comment

by:ovidbailey
ID: 33687451
Figured it out. Location of script wasn't the issue, but the location of the user was. I had been applying the policy to an OU called Physicians, but the user was still in the Employees OU. Moved the account into Physicians OU, and it worked fine. When I ran gpresult and looked a little closer, it was obvious that the OU membership wasn't what I thought it was. Thanks.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Active Directory Recycle Bin - AD Size Increase. 2 24
Office 365 Single Sign On 2 32
ACTIVE DIRECTORY 18 45
Active Directory Photo Tab 4 22
Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question