Solved

One Time Login Script for a Global Security Group

Posted on 2011-09-14
4
495 Views
Last Modified: 2012-05-12
Running ActiveDirectory 5.2 on a Windows 2003 SP2 Machine

We are running a major update on a server based database. After the installation, there is an ActiveX exe file that is on the server that has to be run on all of the database users computers (about 30-40 people - only about 20% of our full staff). They are all in a global security group on our active directory (although it's not their main group). They also each have a batch file that runs on login to map the correct network drives (although there are a few different .bat files that's dependent on their department - all of these users don't all run the same .bat file).

This is what tech support at the software company said:

"Once the installation is complete on the database server, a file called “xxxxxxxx.exe” will be added to the xx\common directory on your application server.  If you place this file in your users’ Login script, then it will run when logging into the domain."

Is it possible to run a batch file on a security group only once (the next time they login) and still run their primary batch file?

Thanks!
0
Comment
Question by:atlspsch
4 Comments
 

Expert Comment

by:wenogk
ID: 36537440
yes, go to google.com and search for "batch execution on security group".
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
ID: 36564327
Hopefully you don't actually assign login scripts to the actual user account. Login scripts can be assigned an a per OU basis, which is a lot better than using a single monolithic login script. There isn't a good way to only run a script once. What I do is in my login script check to see if a specific file exists. If it does, I know that the login script has been run before and I just exit.  Once you are confident that everyone has run the script, you can just disable the GPO used to assign it.

http://www.petri.co.il/setting-up-logon-script-through-gpo-windows-server-2008.htm

REM Checks to see if we have successfully run before
if exist %temp%\DBactiveX20110919.txt goto END

REM Runs the executable and check to see if it was successful
\\server\share\xxxxxxxx.exe
if errorlevel 1 goto FAILURE

REM Build the log file for email notification
echo %time% %date% xxxxxxxx.exe successful for %username% on %computername% > %temp%\xxxxxxxx.log

REM BLAT is a great free emailer utility from http://www.blat.net/
blat -server smtp.yourcompany.com  -to you@yourcompany.com -f administrator@yourcompany.com -subject "xxxxxxxx.exe successful for %username% on %computername%" -bodyF %temp%\xxxxxxxx.log

REM Tag the filesystem so we know that we have been successful so we don't run the executable again
copy %temp%\xxxxxxxx.log %temp%\DBactiveX20110919.txt 
goto END

:FAILURE
echo %time% %date% xxxxxxxx.exe FAILED for %username% on %computername% > %temp%\xxxxxxxx.log
blat -server smtp.yourcompany.com  -to you@yourcompany.com -f administrator@yourcompany.com -subject "xxxxxxxx.exe FAILED for %username% on %computername%" -bodyF %temp%\xxxxxxxx.log


:END

Open in new window

0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now