Solved

VBS Login Script not executing on Windows 2008 Desktop Services

Posted on 2010-11-08
8
1,761 Views
Last Modified: 2013-11-21
I have a VBS login script that works fine in Terminal Services 2003 server and also on the desktops connecting to Active Directory. However, when a user connects to the Windows 2008 Terminal Server or Remote Desktop Services, the login script does not execute. Other observations:
- If you navigate to the Login Script location, and execute it manually, it works fine.
- The script is launched via group policy
- This seems to have happened ever since day 1 of installing RDS 2008
0
Comment
Question by:skaceli1
  • 4
  • 3
8 Comments
 
LVL 7

Expert Comment

by:tstritof
Comment Utility
Hi,

have you tried running RSOP to determine if the login script GPO is applied correctly on your 2008 RDS?

What is your login script location? W2K3 and W2K8 have different structures of user folders ("Documents and Settings" on 2K3 and "Users" on 2K8). This can cause problems in some scenarios when folder mapping/GPO application/logins/user profiles are concerned.

Regards,
Tomislav
0
 

Author Comment

by:skaceli1
Comment Utility
It appears that the GPO is applied correctly in teh 2008 RDS. After running RSOP, I can see what scripts are assigned to run on user logon under User Configuration.

The script location is under the netlogon directory for the domain server. If you go \\domainserver\netlogon and run it from there it works fine.
0
 
LVL 7

Expert Comment

by:tstritof
Comment Utility
Are there any errors logged in event log on RDS or domain controller (system/application/security)? Also check RDS logs on W2K8.

The behaviour you describe might point to GPO not being processed at logon due to network connectivity problems ("slow network"). This can be explicitly overriden by forcing scripts to run even in "slow network" conditions. Try editing the GPO that applies to terminal server. Open the:

Computer Configuration -> (Policies) -> Administrative Templates -> System -> Group Policy

Find "Scripts policy processing", enable it and set "Allow processing across a slow network connection". After that go to your RDS and run gpupdate /force in elevated command prompt. Then log off and check if the script runs on next logon.

Regards,
Tomislav
0
 

Author Comment

by:skaceli1
Comment Utility
Still no good. I tried the following:
Logs - no error
Policy - added the recommended policy change above
Location - moved the server under the workstations group in AD and still no go.
0
How does your email signature look on mobiles?

Do your employees use mobile devices to reply to emails? With mobile becoming increasingly important to the business world, it is in your best interest to make sure that your email signature looks great across all types of devices.

 
LVL 7

Accepted Solution

by:
tstritof earned 250 total points
Comment Utility
Hi,

could you please try the following:
- run gpupdate /force /wait:-1 when logged on to the console as administrator,
- run gpupdate /force /wait:-1 when logged on through RDP as administrator,
- run gpupdate /target:User /force /wait:-1 when logged on through RDP as regular user

Check event logs for errors on each step. If any one processing takes more than 10 minutes before it returns to command prompt then it's probably timing out so report that too.

Finally try the following:
- log on through RDP as administrator
- run gpupdate /target:Computer /force /wait:-1
- run gpupdate /target:User /sync
- log off
- log on again through RDP as administrator

If any errors or timeouts are reported in event logs please report.

Finally check in RDS Host Management what processes are started after you log on, and how long it takes for a session and it's processes to disappear from the RDS after user logs off.

Regards,
Tomislav
0
 

Author Comment

by:skaceli1
Comment Utility
At this time we went ahead and added the login script to the startup menu and seems to be working. Awarding the points for the effort. Will try your recommendation sometime soon.
0
 
LVL 7

Expert Comment

by:tstritof
Comment Utility
Thx, when you find cause of the problem I'll be grateful if you post back here with it.

Regards,
Tomislav
0
 
LVL 16

Expert Comment

by:Spike99
Comment Utility
We've seen the same thing.

We have a 2003 AD domain but we started adding 2008 servers last year.  At first, we also had trouble getting GPOs to apply to the new 2008 servers.  None of it was applying:  computer & log on scripts, redirected desktops, mapped printers and drives. It was driving us nuts until one of my co-workers found this solution:  give the DOMAIN COMPUTERS group READ rights to the GPO.

You can do that In The GP Management console's Delegation tab.  Click ADD to add the Domain Computers group.  you only need to grant the group READ rights.

That's all we had to do to fix it.

Alicia
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now