Solved

One Time Login Script for a Global Security Group

Posted on 2011-09-14
4
503 Views
Last Modified: 2012-05-12
Running ActiveDirectory 5.2 on a Windows 2003 SP2 Machine

We are running a major update on a server based database. After the installation, there is an ActiveX exe file that is on the server that has to be run on all of the database users computers (about 30-40 people - only about 20% of our full staff). They are all in a global security group on our active directory (although it's not their main group). They also each have a batch file that runs on login to map the correct network drives (although there are a few different .bat files that's dependent on their department - all of these users don't all run the same .bat file).

This is what tech support at the software company said:

"Once the installation is complete on the database server, a file called “xxxxxxxx.exe” will be added to the xx\common directory on your application server.  If you place this file in your users’ Login script, then it will run when logging into the domain."

Is it possible to run a batch file on a security group only once (the next time they login) and still run their primary batch file?

Thanks!
0
Comment
Question by:atlspsch
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 

Expert Comment

by:wenogk
ID: 36537440
yes, go to google.com and search for "batch execution on security group".
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
ID: 36564327
Hopefully you don't actually assign login scripts to the actual user account. Login scripts can be assigned an a per OU basis, which is a lot better than using a single monolithic login script. There isn't a good way to only run a script once. What I do is in my login script check to see if a specific file exists. If it does, I know that the login script has been run before and I just exit.  Once you are confident that everyone has run the script, you can just disable the GPO used to assign it.

http://www.petri.co.il/setting-up-logon-script-through-gpo-windows-server-2008.htm

REM Checks to see if we have successfully run before
if exist %temp%\DBactiveX20110919.txt goto END

REM Runs the executable and check to see if it was successful
\\server\share\xxxxxxxx.exe
if errorlevel 1 goto FAILURE

REM Build the log file for email notification
echo %time% %date% xxxxxxxx.exe successful for %username% on %computername% > %temp%\xxxxxxxx.log

REM BLAT is a great free emailer utility from http://www.blat.net/
blat -server smtp.yourcompany.com  -to you@yourcompany.com -f administrator@yourcompany.com -subject "xxxxxxxx.exe successful for %username% on %computername%" -bodyF %temp%\xxxxxxxx.log

REM Tag the filesystem so we know that we have been successful so we don't run the executable again
copy %temp%\xxxxxxxx.log %temp%\DBactiveX20110919.txt 
goto END

:FAILURE
echo %time% %date% xxxxxxxx.exe FAILED for %username% on %computername% > %temp%\xxxxxxxx.log
blat -server smtp.yourcompany.com  -to you@yourcompany.com -f administrator@yourcompany.com -subject "xxxxxxxx.exe FAILED for %username% on %computername%" -bodyF %temp%\xxxxxxxx.log


:END

Open in new window

0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question