running login scripts only in citrix not on local computer

We have 3 remote offices that connect to our main office using citrix.
The three remote offices were standalone computers and had the citrix client installed.

We are in the process of joining all the standalone computers to our domain and they are still going to use citrix to connect and do the majority of their work.

The local workstations basically have Windows XP installed or windows 7 and the citrix cklent

When they connect to citrix they get a full desktop published to them.

The issue is the login script:
We need the login script to run in the citrix environment but not on the local computers in the remote offices.
We also need the login script to run on the local computers in the main office because they do not use citrix to connect.

I'm just not sure of the best way of tackling this issue.

Periodically users from the remote offices also login at the main site and do not use citrix.

Just looking for some thoughts on how to hammer out this problem.


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Carl WebsterCitrix Technology Professional - FellowCommented:
Put the Citrix servers in their own OU and link the GPO to the OU only.
What type of login scripts do you use?
Ayman BakrSenior ConsultantCommented:
The main office's computers should also be put in a separate OU and the GPO linked to it.

That is:

1. Citrix servers in a separate OU
2. Main office's PCs in another separate OU
3. Rest of your remote offices PCs in their own OU (or OUs depending if you need to apply different settings for the different remote offices)
4. The GPO for running the login scripts should be linked to both the OUs from points 1. and 2.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

EkuskowskiAuthor Commented:
group policy logon / logooff will not work for us.  

Windows logon script is a batch file called from AD - we actually just figured it out, how we are going to get around this- we are going to use code from

and modify it for our computer naming convention.  

So basically if the computername is WXYZ-3??????? we call our login script that runs in citrix and our main site - if the name is anything else the login script just ends.

We have one more problem - in our login script we have one piece that we do not want to run on the citrix servers -  what variable can i use to tell if I'm in citrix or on a windows XP/7 computer ?
EkuskowskiAuthor Commented:
will this work
if %sessionname%=="Console" runbatch.bat

I think this will only execute runbatch.bat if I'm on a local machine , since a citrix session sessionname will be ICA or RDP something ?

does this make sense ? or is there a better way of proving I'm in citrix or not
At the beginning of the script, check whether it's a terminal server, and leave it if so:
for /f "tokens=3" %%a in ('reg query "HKLM\System\CurrentControlSet\Control\Terminal Server" /v "TSAppCompat" ^| find /i "TSAppCompat"') do set /a IsTerminalServer=%%a
echo Terminalserver: %IsTerminalServer%
if "%IsTerminalServer%"=="0" goto :eof

Open in new window

Similar to whats been said, I set an environment variable to physical machines, and XenDesktops ie (%SYSTYPE%, and it is either XenDesktop, WinXP or Win7). The logon script has some common commands, and it check the system variable to get it's environment appropriate commands.
Sorry, in case you haven't noticed and fixed it yet, just noted that line 3 in my script above should of course be
if "%IsTerminalServer%"=="1" goto :eof
The link you found is vbs. Are you going to port your batch to vbs?

If so, you can use something like:
'Get the computer name 
Set WSHNetwork = CreateObject("WScript.Network") 
strComputer = WSHNetwork.ComputerName 

If strComputer = "Netbios name of Citrix server 1" Or strComputer = "Netbios name of Citrix server 2" Then
   do the Citrix side stuffs
End If

If strComputer <> "Netbios name of Citrix server" Then
   do the PC side stuffs
End If

Open in new window

I thought I had a better answer, but I reread the question and caught an important thing - you want the Citrix servers AND local machines, but not remote machines.

What you will want to do is create a GPO for your login scripts, and link it to the Active Directory site where the Citrix servers and the corporate machines are.  By doing it that way, you will catch all the machines you want and the remote site machines will NOT run the GPO.  

Of course, make sure you have your sites set up correctly or this won't work either :-)


Ayman BakrSenior ConsultantCommented:
I didn't get why organizing your machines into OUs and linking the GPOs (which call the scripts) to them will not work in your environment.

It should be pretty straight forward.
EkuskowskiAuthor Commented:
Thank you all for your help and input.  It was more of a brainstorming problem/solution.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.