Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

GPO Policy not running cmd script

Posted on 2013-01-22
8
Medium Priority
?
802 Views
Last Modified: 2013-01-25
I have a Windows 2008 Server R2 64bits, i have created a gpo policy for running a cmd script, also apply some templates for active desktop. The problem is that is just appling the templates but is not running the cmd script. The script is located in the default directory for users logon scripts
policy.jpg
0
Comment
Question by:gioberty
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 1

Expert Comment

by:kaeadmin
ID: 38806598
I'm not sure what your script actually looks like, could you provide the code?  Also, I've never used .cmd in a logon script, I always use .bat, so that the batch file runs on logon, but I believe you can use the .cmd extension.

Try it with .bat, and if that fails, copy the script here and more people can help.

Regards,
0
 

Author Comment

by:gioberty
ID: 38806716
I have tried with .bat and .cmd and fails

The code is this
Windows Registry Editor Version 5.00

@echo off
REG DELETE "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\" /v  Proxy /f
REG DELETE "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\" /v  ConnectionsTab /f


REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 1  /f
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyOverride /d "192.168.*.*"  /f
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /d "192.168.1.200:8080" /f
REG ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /d "http://www.espalsa.com.do" /f
_____________________________________

I put pauses to realiza if the script was running and is not, so thje code is not the problem, the problem is that is not been run
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 38806819
It this line within your script or was is just from a copy/past?

Windows Registry Editor Version 5.00

Turn  echo on and run the script manually from a client. Open it directly from \\domain\sysvol\policies\..\..\

Does it run without any problems?
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 3

Expert Comment

by:hench01
ID: 38806839
Also have you checked the event viewer for errors?

Cheers!
0
 

Author Comment

by:gioberty
ID: 38806959
Hi, run the script manually from the server it runs perfectly. Im looking for problems in Active Directory, maybe its something wrong because i put the user in domain admin group and it's not reflecting the change
0
 
LVL 1

Accepted Solution

by:
kaeadmin earned 2000 total points
ID: 38808985
Does the user have rights to edit the registry?

Also, have you tried creating a .reg file, then calling that from the script instead?

The script would be something like:

reg import \\server\files\regchange.reg

Also check the permissions on the GPO:

Edit the GPO, then at the very top, right click the name of the GPO and select Properties, select the security tab and ensure Domain Admins aren't set for Deny.
0
 

Author Comment

by:gioberty
ID: 38810308
Excellent. Calling the reg from a cmd and running the cmd as script it works perfect now. I just have to figure out how give permission to create registry keys to the user because if the key exist the user can modify the value, but if it does'n exist cannot creat it
0
 
LVL 1

Expert Comment

by:kaeadmin
ID: 38818486
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question