VB logon script only works at second logon

Greetings all,

I've run into a strange VBScript error with a logon script I've created.  At one point the script has to copy a shortcut to the end users desktop.  This has to be copied at each logon because the URL will change from one server to another depending on which is the primary.

When the URL in the source file is changed to a new server, end users log in and the script should overwrite the existing file with the new one that has the correct URL.

Problem is, the script only seems to work the second time the end users log in.  Below is the script and any help would be great....

On Error Resume Next

'Set variables for group determination etc.
Set objSysInfo = CreateObject("ADSystemInfo")
Set objNetwork = CreateObject("Wscript.Network")
Set WSHShell = CreateObject("Wscript.Shell")
Set WSHProcess = WSHShell.Environment("Process")
'Set objShell = CreateObject(wscript.shell)

'Get the distinguished name of the user that logged on
strUserPath = "LDAP://" & objSysInfo.UserName
Set objUser = GetObject(strUserPath)

'Report back the groups the user belongs to.
For Each strGroup in objUser.MemberOf
    strGroupPath = "LDAP://" & strGroup
    Set objGroup = GetObject(strGroupPath)
    strGroupName = objGroup.CN

'Get the Logon Server and end script if not xxxxxxx
'DomainLogonServer = WSHProcess("LogonServer")

' Call the AD Security Group and copy appropriate shortcut.

      Select Case strGroupName

        Case "TN-BACS Users"
            Set objFSO = CreateObject("Scripting.FileSystemObject")
            set WshShell = WScript.CreateObject("WScript.Shell")
            tDesktopPath = WshShell.SpecialFolders("Desktop")
            objFSO.CopyFile "C:\Scripts\Shortcut\Picture Perfect 4 Client.*", tDesktopPath, True

        Case "TN-BACSWEB-Users"
            Set objFSO = CreateObject("Scripting.FileSystemObject")
            set WshShell = WScript.CreateObject("WScript.Shell")
            tDesktopPath = WshShell.SpecialFolders("Desktop")
            objFSO.CopyFile "C:\Scripts\Shortcut\BACSWEB.*", tDesktopPath, True

    End Select

Who is Participating?
alicainConnect With a Mentor Commented:
Just a quick thought - Are we talking about "second login after a reboot?" If so, have you enabled Always Wait For Network?
yccdadminsAuthor Commented:
This is really weird - it has to be some kind of Microsoft glitch.  I added the following lines in before the copy.  It works great - but only on the second login.  Login once and nothing works but no error messages.  Login the second time and the file has been deleted and replaced with the new shortcut.

Why does this only work on the second login?

Dim oFS

 Set objWshShell = CreateObject("WScript.Shell")
 Set oFS = CreateObject("Scripting.FileSystemObject")


 IF oFS.FileExists(Userprofile & "\desktop\Picture Perfect 4 Client.*") THEN
 oFS.DeleteFile (Userprofile & "\desktop\Picture Perfect 4 Client.*")

 IF oFS.FileExists(Userprofile & "\desktop\BACSWEB.*") THEN
 oFS.DeleteFile (Userprofile & "\desktop\BACSWEB.*")
yccdadminsAuthor Commented:
Ignore the whole part in the last comment with the "If" stuff.

I've tested this again and the original script as listed above works consistently but only on the second logon.

Anyone have any idea why a logon script would run with no errors but only work the second time someone logs in.

Also should note that this is a login via remote desktop.
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Steve KnightIT ConsultancyCommented:
I haven't had time to look at script or know why, unless network is not available when script runs -the i.e. wireless being used etc. but just wondered if instead you could do something like having all the shortcuts present on desktop and using ntfs permissions to stop access to them?

Do you know that the script runs at all, i.e. how far it gets based on other parts of same script, or could put some debugging in, either simple 'wscript.echo "line 1" or some logging to file.

if the script doesnt make it to start at all, we need to look at different to if it fails on first login part way through.

RobOwner (Aidellio)Commented:
Are you calling it via a mapped drive or unc path?
Robberbaron (robr)Commented:
and from NetLogon ?

agree with dragon, need to write some debug output for all users, to the netlogon area.
Robberbaron (robr)Commented:
heres part of logon script i wrote a while ago to copy dll to client

const LogFldr="\\boss\SYSVOL\ZEUS.com.au\logs\"       

	dim a, src , sVers
	dim fs
	lf = "installs.log"
	Set oNet = CreateObject("WScript.Network")

	datetime=Year(now()) & Right("0" & Month(now()), 2) & Right("0" & Day(now()), 2) & "=" & Right("0" & Hour(now()), 2) & Right("0" & Minute(now()), 2) '& Right("0" & Second(now()), 2)

	Set fso = CreateObject("Scripting.FileSystemObject")  
	sysfld = fso.GetSpecialFolder(1)    'the system folder
	winfld =  fso.GetSpecialFolder(0)   'the windows folder

	' write to Log 
	Set flf = fso.GetFile(logfldr & lf)
	Set tslf = flf.OpenAsTextStream(OpenFileForAppending)

	tslf.Write (Onet.ComputerName & " , " & "BEGIN" & " , " & Datetime & vbCrLf)

tslf.Write (Onet.ComputerName & " , " & "1:xx" & vbcrlf)


Open in new window

Robberbaron (robr)Commented:
so i add number log output to various parts of the script to see where and when it gets run.

are you sure your only have one logon server ??  each server with AD role can process logons as the NETLOGON folder is replicated.  thats one reason i use the sysvol UNC so it doesn't matter.
yccdadminsAuthor Commented:
Hello all and thanks for the input.

Let me try and answer some of the questions to help narrow things down.

- I double checked the script by running it locally (double clicked on the .vbs file) and it works as intended.  The script copies the new(er) URL shortcut and overwrites the existing due to the "True" at the end of the objFSO.CopyFile.  That's what I've read that is for anyway,

- The script is run via local Group Policy on a Windows RDS server when end users log in to perform tasks.

- After a changes is made to the URL shortcut, and an end user logs in for the first time, the script doesn't seem to run.  The reason I say this is because there are no errors revealed from the compiler or in any logs.

- When the end user logs out and then logs back in, everything works like a charm.

I have had this same issue in the past while working for another organization.  I'm pretty sure it is a Microsoft "feature" that requires some policy to be enabled (or disabled) but I've lost my notes.

Thanks you for your assistance and I'll keep digging as well.
Steve KnightIT ConsultancyCommented:
If you put some logging in their to show the user you can see if it is running at all to rule that out, or whether it is running and getting so far then choking.

yccdadminsAuthor Commented:
That was it alicain - or at least most of it!  I looked up that GPO and also found another that is needed to resolve this issue.  They are both as follows:

“Always wait for the network at computer startup and logon”  located at…

Computer Configuration\Administrative Templates\Windows Components\Windows Logon Options\

“Run logon scripts synchronously” located at…

Computer Configuration\Administrative Templates\System\Scripts\

Once you got me searching on "Always wait..." I found it in my notes from a year or so ago.  Unfortunately I didn't write down the URL where I found the fix.

Now that I've applied these two GP objects the script runs at first logon every time.  My notes said the login was slower when I did this a while back but it might have been the older system - didn't really notice a difference on this server.

Steve KnightIT ConsultancyCommented:
Was going to post those which you do need but you got there first.  Always a good idea to turn on the options to run login script visibly when it isn't already too so you can see what is going on.

Tends to happen more with Wireless networks than wired, and also if you logon immediately the logon box appears than waiting until everything has fully loaded.

Good to hear that did the trick.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.