?
Solved

One Time Login Script for a Global Security Group

Posted on 2011-09-14
4
Medium Priority
?
512 Views
Last Modified: 2012-05-12
Running ActiveDirectory 5.2 on a Windows 2003 SP2 Machine

We are running a major update on a server based database. After the installation, there is an ActiveX exe file that is on the server that has to be run on all of the database users computers (about 30-40 people - only about 20% of our full staff). They are all in a global security group on our active directory (although it's not their main group). They also each have a batch file that runs on login to map the correct network drives (although there are a few different .bat files that's dependent on their department - all of these users don't all run the same .bat file).

This is what tech support at the software company said:

"Once the installation is complete on the database server, a file called “xxxxxxxx.exe” will be added to the xx\common directory on your application server.  If you place this file in your users’ Login script, then it will run when logging into the domain."

Is it possible to run a batch file on a security group only once (the next time they login) and still run their primary batch file?

Thanks!
0
Comment
Question by:atlspsch
2 Comments
 

Expert Comment

by:wenogk
ID: 36537440
yes, go to google.com and search for "batch execution on security group".
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 2000 total points
ID: 36564327
Hopefully you don't actually assign login scripts to the actual user account. Login scripts can be assigned an a per OU basis, which is a lot better than using a single monolithic login script. There isn't a good way to only run a script once. What I do is in my login script check to see if a specific file exists. If it does, I know that the login script has been run before and I just exit.  Once you are confident that everyone has run the script, you can just disable the GPO used to assign it.

http://www.petri.co.il/setting-up-logon-script-through-gpo-windows-server-2008.htm

REM Checks to see if we have successfully run before
if exist %temp%\DBactiveX20110919.txt goto END

REM Runs the executable and check to see if it was successful
\\server\share\xxxxxxxx.exe
if errorlevel 1 goto FAILURE

REM Build the log file for email notification
echo %time% %date% xxxxxxxx.exe successful for %username% on %computername% > %temp%\xxxxxxxx.log

REM BLAT is a great free emailer utility from http://www.blat.net/
blat -server smtp.yourcompany.com  -to you@yourcompany.com -f administrator@yourcompany.com -subject "xxxxxxxx.exe successful for %username% on %computername%" -bodyF %temp%\xxxxxxxx.log

REM Tag the filesystem so we know that we have been successful so we don't run the executable again
copy %temp%\xxxxxxxx.log %temp%\DBactiveX20110919.txt 
goto END

:FAILURE
echo %time% %date% xxxxxxxx.exe FAILED for %username% on %computername% > %temp%\xxxxxxxx.log
blat -server smtp.yourcompany.com  -to you@yourcompany.com -f administrator@yourcompany.com -subject "xxxxxxxx.exe FAILED for %username% on %computername%" -bodyF %temp%\xxxxxxxx.log


:END

Open in new window

0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question