?
Solved

Windows 2008 R2 RDS Logon Scripts will not run at Logon

Posted on 2012-04-10
10
Medium Priority
?
3,685 Views
Last Modified: 2012-04-26
Hi,

We are currently testing new terminal servers in our environment using Windows 2008 R2 SP1 and use logon scripts during the logon process for our users. We have Windows 2003 Domain Controllers. All of our scripts run fine when running on our existing 2003 Terminal servers.

None of our logon scripts are running at logon, this does not appear to relate to the content of the scripts. No scripts run when assigned via group policy however they run fine when executed from the desktop. none of the users running the scripts have administrative rights.

I have performed the following: -

1. disabled UAC
2. enabled linked connections
3. configured the sysvol path in ESC domains (to prevent security dialog boxes blocking running the scripts)
4.I have created a vbscript containing a single wscript.echo statement and a batch file containing a single "pause" command, these simple scripts still do not run via GPO but run fine when executed manually.
5. run a RSOP and checked the last run time of the scripts, none of the scripts have a time (suggesting that they have never run).

Any further pointers would be much appreciated.
0
Comment
Question by:Tolomay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
10 Comments
 

Author Comment

by:Tolomay
ID: 37828302
just to add to this,

I have tried the logon scripts using the local GPO on the server and they still do not run.
0
 
LVL 1

Expert Comment

by:BrewersFanRick
ID: 37844079
I was really hoping someone had a solution for this too.   I've come across the same thing.
0
 

Author Comment

by:Tolomay
ID: 37844645
yeah, I'm hoping it's just a simple setting somewhere, but there doesn't seem to be any information about this.
0
Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

 
LVL 56

Expert Comment

by:McKnife
ID: 37849413
Hi.

It would help us if you would supply one of the failing scripts.
0
 

Author Comment

by:Tolomay
ID: 37850170
Thanks for your reply,

I'm certain this has nothing to do with the scripts themselves as I have linked extremely simple scripts which still do not run. A sample vbscript is shown below: -

wscript.echo "test"

or a sample batch file: -

echo test
pause

The RSOP shows no run time against any of the scripts, suggesting that they have not run.

The actual scripts run fine when run from the desktop direct from the sysvol share and none of the scripts require admin permissions, which to me suggests this is not related to UAC
0
 
LVL 56

Expert Comment

by:McKnife
ID: 37853007
Please take a batch file (.bat) that creates a folder below %Temp% and see if it gets created.
md %temp%\%date%

"echo test" is no test at all as logon scripts run invisible.
0
 

Author Comment

by:Tolomay
ID: 37853200
They do by default yes, however is possible to change that behaviour. I've enabled "run logon scripts visible" in group policy. This works well in 2003 Server, Unless Microsoft has dropped support for this in 2008 R2 (which would suck). I've also set the timeout on the welcome screen so I can see what's going on behind it.

I've also tried various other non-interactive scripts and none of these work either.

md %temp%\%date% returns a syntax error on my machine (I think it's to do with the %date% variable).

md %temp%\test works fine when run from the desktop, however after deleting the folder and logging back on this doesn't run as a logon script.

even scripts from the local group policy won't run, which suggests to me it could be  problem with the local machine setup, so I'm currently checking the security settings using SCM, I think I've ruled out Mcafee and IE security.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 37853314
Ok... did you use a batch or vbs for md %temp%...? Take a batch. There have been problems with .vbs files in logon scripts (although I must confess that those were UAC related).
0
 

Accepted Solution

by:
Tolomay earned 0 total points
ID: 37875514
Ok, I've finally found the solution to this problem, after checking the GPO event logs in detail  and reviewing Process Monitor logs in detail.

GPOScript.exe was being launched as expected at logon with the /logon switch, however wscript.exe or cmd.exe where not running. The GPO logs showed that the scripts where only running for several milliseconds, which to me suggested that they where not running at all.

After building a new server from scratch (which worked fine), I determined that the PATH environment variable had somehow been deleted from our server build. This prevented windows from finding wscript.exe, cmd.exe etc. After recreating it, the problem was resolved.

That concluded a frustrating few days! No one has owned up to this yet :)

But I thought I'd mention it unless anyone comes accross a similar issue.
0
 

Author Closing Comment

by:Tolomay
ID: 37896031
PATH Variable is critical in order for logon/logoff scripts to function. This may not be obvious, so it is useful information for anyone else with this problem.
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A small collection of useful tips and tricks for Windows 10 users that I decided to write as a result of recent questions that were asked and answered at Experts Exchange. Two short video tutorials included. Enjoy..
Windows 10 Creator Update has just been released and I have it working very well on my laptop. Read below for issues, fixes and ideas.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question