Solved

One Time Login Script for a Global Security Group

Posted on 2011-09-14
4
494 Views
Last Modified: 2012-05-12
Running ActiveDirectory 5.2 on a Windows 2003 SP2 Machine

We are running a major update on a server based database. After the installation, there is an ActiveX exe file that is on the server that has to be run on all of the database users computers (about 30-40 people - only about 20% of our full staff). They are all in a global security group on our active directory (although it's not their main group). They also each have a batch file that runs on login to map the correct network drives (although there are a few different .bat files that's dependent on their department - all of these users don't all run the same .bat file).

This is what tech support at the software company said:

"Once the installation is complete on the database server, a file called “xxxxxxxx.exe” will be added to the xx\common directory on your application server.  If you place this file in your users’ Login script, then it will run when logging into the domain."

Is it possible to run a batch file on a security group only once (the next time they login) and still run their primary batch file?

Thanks!
0
Comment
Question by:atlspsch
4 Comments
 

Expert Comment

by:wenogk
Comment Utility
yes, go to google.com and search for "batch execution on security group".
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
Comment Utility
Hopefully you don't actually assign login scripts to the actual user account. Login scripts can be assigned an a per OU basis, which is a lot better than using a single monolithic login script. There isn't a good way to only run a script once. What I do is in my login script check to see if a specific file exists. If it does, I know that the login script has been run before and I just exit.  Once you are confident that everyone has run the script, you can just disable the GPO used to assign it.

http://www.petri.co.il/setting-up-logon-script-through-gpo-windows-server-2008.htm

REM Checks to see if we have successfully run before
if exist %temp%\DBactiveX20110919.txt goto END

REM Runs the executable and check to see if it was successful
\\server\share\xxxxxxxx.exe
if errorlevel 1 goto FAILURE

REM Build the log file for email notification
echo %time% %date% xxxxxxxx.exe successful for %username% on %computername% > %temp%\xxxxxxxx.log

REM BLAT is a great free emailer utility from http://www.blat.net/
blat -server smtp.yourcompany.com  -to you@yourcompany.com -f administrator@yourcompany.com -subject "xxxxxxxx.exe successful for %username% on %computername%" -bodyF %temp%\xxxxxxxx.log

REM Tag the filesystem so we know that we have been successful so we don't run the executable again
copy %temp%\xxxxxxxx.log %temp%\DBactiveX20110919.txt 
goto END

:FAILURE
echo %time% %date% xxxxxxxx.exe FAILED for %username% on %computername% > %temp%\xxxxxxxx.log
blat -server smtp.yourcompany.com  -to you@yourcompany.com -f administrator@yourcompany.com -subject "xxxxxxxx.exe FAILED for %username% on %computername%" -bodyF %temp%\xxxxxxxx.log


:END

Open in new window

0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now