Solved

Windows 2008 R2 RDS Logon Scripts will not run at Logon

Posted on 2012-04-10
10
3,647 Views
Last Modified: 2012-04-26
Hi,

We are currently testing new terminal servers in our environment using Windows 2008 R2 SP1 and use logon scripts during the logon process for our users. We have Windows 2003 Domain Controllers. All of our scripts run fine when running on our existing 2003 Terminal servers.

None of our logon scripts are running at logon, this does not appear to relate to the content of the scripts. No scripts run when assigned via group policy however they run fine when executed from the desktop. none of the users running the scripts have administrative rights.

I have performed the following: -

1. disabled UAC
2. enabled linked connections
3. configured the sysvol path in ESC domains (to prevent security dialog boxes blocking running the scripts)
4.I have created a vbscript containing a single wscript.echo statement and a batch file containing a single "pause" command, these simple scripts still do not run via GPO but run fine when executed manually.
5. run a RSOP and checked the last run time of the scripts, none of the scripts have a time (suggesting that they have never run).

Any further pointers would be much appreciated.
0
Comment
Question by:Tolomay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
10 Comments
 

Author Comment

by:Tolomay
ID: 37828302
just to add to this,

I have tried the logon scripts using the local GPO on the server and they still do not run.
0
 
LVL 1

Expert Comment

by:BrewersFanRick
ID: 37844079
I was really hoping someone had a solution for this too.   I've come across the same thing.
0
 

Author Comment

by:Tolomay
ID: 37844645
yeah, I'm hoping it's just a simple setting somewhere, but there doesn't seem to be any information about this.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 55

Expert Comment

by:McKnife
ID: 37849413
Hi.

It would help us if you would supply one of the failing scripts.
0
 

Author Comment

by:Tolomay
ID: 37850170
Thanks for your reply,

I'm certain this has nothing to do with the scripts themselves as I have linked extremely simple scripts which still do not run. A sample vbscript is shown below: -

wscript.echo "test"

or a sample batch file: -

echo test
pause

The RSOP shows no run time against any of the scripts, suggesting that they have not run.

The actual scripts run fine when run from the desktop direct from the sysvol share and none of the scripts require admin permissions, which to me suggests this is not related to UAC
0
 
LVL 55

Expert Comment

by:McKnife
ID: 37853007
Please take a batch file (.bat) that creates a folder below %Temp% and see if it gets created.
md %temp%\%date%

"echo test" is no test at all as logon scripts run invisible.
0
 

Author Comment

by:Tolomay
ID: 37853200
They do by default yes, however is possible to change that behaviour. I've enabled "run logon scripts visible" in group policy. This works well in 2003 Server, Unless Microsoft has dropped support for this in 2008 R2 (which would suck). I've also set the timeout on the welcome screen so I can see what's going on behind it.

I've also tried various other non-interactive scripts and none of these work either.

md %temp%\%date% returns a syntax error on my machine (I think it's to do with the %date% variable).

md %temp%\test works fine when run from the desktop, however after deleting the folder and logging back on this doesn't run as a logon script.

even scripts from the local group policy won't run, which suggests to me it could be  problem with the local machine setup, so I'm currently checking the security settings using SCM, I think I've ruled out Mcafee and IE security.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 37853314
Ok... did you use a batch or vbs for md %temp%...? Take a batch. There have been problems with .vbs files in logon scripts (although I must confess that those were UAC related).
0
 

Accepted Solution

by:
Tolomay earned 0 total points
ID: 37875514
Ok, I've finally found the solution to this problem, after checking the GPO event logs in detail  and reviewing Process Monitor logs in detail.

GPOScript.exe was being launched as expected at logon with the /logon switch, however wscript.exe or cmd.exe where not running. The GPO logs showed that the scripts where only running for several milliseconds, which to me suggested that they where not running at all.

After building a new server from scratch (which worked fine), I determined that the PATH environment variable had somehow been deleted from our server build. This prevented windows from finding wscript.exe, cmd.exe etc. After recreating it, the problem was resolved.

That concluded a frustrating few days! No one has owned up to this yet :)

But I thought I'd mention it unless anyone comes accross a similar issue.
0
 

Author Closing Comment

by:Tolomay
ID: 37896031
PATH Variable is critical in order for logon/logoff scripts to function. This may not be obvious, so it is useful information for anyone else with this problem.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question