[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

GPO VB login script won't run for new users

Posted on 2011-02-21
17
Medium Priority
?
929 Views
Last Modified: 2012-08-13
Hi Guys,

We have a VB login script for users in the GPO of Windows Server 2008.
The login script works just fine for existing users, but for two new users the script won't run.
The workstations are on Windows 7 OS.

The workstations have been successfully joined to the domain.

Any help will be appreciated.
Regards, Rupert


0
Comment
Question by:Rupert Eghardt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 3
  • +2
17 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34941551
Check on that Windows 7 if you disable UAC, does it work? Probably UAC is the root issue for that

Regards,
Krzysztof
0
 
LVL 44

Expert Comment

by:Amit
ID: 34941638
Where you have configured it in GPO?

Computer Configuration or User Config.

If Computer Config, move computer objects to same OU where you applied it.
0
 

Author Comment

by:Rupert Eghardt
ID: 34941981
In the GPO the script is save under
C:\Windows\sysvol\domain\policies\{xxx}\user\scripts\logon
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 44

Expert Comment

by:Amit
ID: 34942380
Check application logs, if AV is or something is trying to block it.
0
 

Author Comment

by:Rupert Eghardt
ID: 34942549
The scripts runs manually, when running the logon.vbs file from the workstation side.

Upon running the script manually there was a problem reported on line 7:
StrGroups=LCase(Join(CurrentUser.MemberOf))

After removing this line the logon script ran manually without reporting any problem.
* Not sure why the existing workstations didn't give an error on this line?
Could it be, because the new user is not part of a group?

We still have to run the script manually on these two workstations,  We've put the script in the start-up which seems to be working for now.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34942637
Looks like insufficient user's rights for this script action. Startup scripts use higher privileges for running scripts.

Krzysztof
0
 

Author Comment

by:Rupert Eghardt
ID: 34942674
One of these users had a workstation before, that mapped the network drives successfully, it is still the same user account, etc.  Why only when the user got a new PC did the problems begin?
The user also had Windows 7 OS before.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34942714
Could you post this script here for analyze, please?

Krzysztof
0
 

Author Comment

by:Rupert Eghardt
ID: 34942789
'Option Explicit

Set wshNetwork = CreateObject("WScript.Network")

Set ADSysInfo = CreateObject("ADSystemInfo") Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)
strGroups = LCase(Join(CurrentUser.MemberOf))

Dim strDriveLetter, strRemotePath
Dim objNetwork, objShell
Dim CheckDrive, AlreadyConnected, intDrive

                             
strDriveLetter1 = "W:"
strRemotePath1 = "\\SERVER-SBS\UserShares\" & wshNetwork.UserName

strDriveLetter2 = "M:"
strRemotePath2 = "\\SERVER-SBS\Management"

strDriveLetter3 = "S:"
strRemotePath3 = "\\SERVER-SBS\Sales"

strDriveLetter4 = "Q:"
strRemotePath4 = "\\SERVER-SBS\QMS"

WScript.Quit
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34942919
Try this script (please ensure that users have configured Home Drive and Home path within their properties in AD)

 
On Error Resume Next

Set objSysInfo = CreateObject("ADSystemInfo")
Set objNetwork = CreateObject("WScript.Network")
Set objShell = CreateObject("WScript.Shell")
Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
set objFSO = CreateObject("Scripting.FileSystemObject")

strDomain = LCase(objNetwork.UserDomain)
strUser = LCase(objNetwork.UserName)
strHomeDrive = LCase(objUser.HomeDrive)
strHomeDirectory = LCase(objUser.HomeDirectory)

objNetwork.RemoveNetworkDrive "M:", True, True
objNetwork.MapNetworkDrive "M:", "\\SERVER-SBS\Management"

objNetwork.RemoveNetworkDrive "S:", True, True
objNetwork.MapNetworkDrive "S:", "\\SERVER-SBS\Sales"

objNetwork.RemoveNetworkDrive "Q:", True, True
objNetwork.MapNetworkDrive "Q:", "\\SERVER-SBS\QMS"

objNetwork.MapNetworkDrive strHomeDrive, strHomeDirectory

Open in new window


Krzysztof
0
 
LVL 3

Expert Comment

by:thomasd04
ID: 34943011
Hi rupertvz. Have you already confirmed that the GPO is being applied to the two computers with RSoP via MMC or GPRESULT from the command-line? Just to make sure that this is isolated script problem or possibly a GPO problem.
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 664 total points
ID: 34943165
OK remove

strHomeDrive = LCase(objUser.HomeDrive)
strHomeDirectory = LCase(objUser.HomeDirectory)
objNetwork.MapNetworkDrive strHomeDrive, strHomeDirectory

in your case doesn't make sense :)

use

objNetwork.RemoveNetworkDrive "W:", True, True
objNetwork.MapNetworkDrive "W:", "\\SERVER-SBS\UserShares\" & strUser
0
 

Author Comment

by:Rupert Eghardt
ID: 34943207
Hi Thomas,  Do I need a specific switch for GPResult?
0
 
LVL 3

Expert Comment

by:thomasd04
ID: 34943428
You can run it two different ways:
1- gpresult > C:\gp.txt
This will output the results to a text file you can then post up here if you need help reading it.
2- gpresult /USER username > C:\gp_username.txt
This will output the results that affect the user that you specify and will also write to a text file.

0
 

Author Comment

by:Rupert Eghardt
ID: 34943664
I am already away from the workstation, will check tomorrow morning.
I see that I should run switch for example:  GPRESULT /R

If the GPO is not yet applied to the W/S, how can I force apply the GPO to the W/S?
0
 
LVL 3

Accepted Solution

by:
thomasd04 earned 668 total points
ID: 34943720
From the run or command prompt you can use GPUPDATE /FORCE. Or simply restarting the target computer will refresh the GPO settings. If the gpresult isn't showing the correct GPO being applied than you have a problem that's independent of the contents of the script.

Running RSoP will show more detailed information about what is being applied.
0
 
LVL 5

Assisted Solution

by:LarcenIII
LarcenIII earned 668 total points
ID: 34951756
GPUPDATE /FORCE

If it asks to reboot, that usually does the trick. If it does not, then check firewall / Permissions and try again until it does ask you to reboot.

This has become SOP for me when adding Windows 7 computers to my domain. (Very old Domain)
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question