We help IT Professionals succeed at work.

GPO Startup script not working

tolinrome
tolinrome asked
on
12 Comments
1 Solution
4,510 Views
Last Modified: 2014-05-15
I have a install.bat file that is in a GPO and installs a software. When I click on the .bat file from a remote computer it installs fine, but the GPO wont work. I have the permissions on the share as the Everyone group with full control and ntfs permissions are authenticated users read\write. the gpo is enabled and linked to the OU with the laptops in it. There are no errors or anything in the application and system logs of the server or the client.
Any suggestions?
Thanks.

Inside the .bat file:

msiexec /package "\\Server\Install\Install Software.msi"

This bat file is in the Computer Configuration>Windows Settings>Startup. If I click on "Show files..." I see the .bat file in the SysVol>policies>guid>machine>scripts>startup folder (I put it in there manually).
Comment
Watch Question

View Solution Only

Joseph Daly
CERTIFIED EXPERT

Commented:
If you already have the install file in an MSI format why are you using a BAT file to install it?

With the file being an MSI you can skip the BAT and use group policy software installation in order to push it out.

http://support.microsoft.com/kb/816102

You will want to use the publish option instead of assign.
tolinrome

Author

Commented:
I was following the documentation of the vendor and thats the way they mention to do it. I'll try what you suggested, thanks.
tolinrome

Author

Commented:
Check this out from the vendor. Still cant get it to work the way you suggested also. Actually thats how I initially did it also but I went according to the documentation, either way I cant get it to work.

http://www.websense.com/content/support/library/web/hosted/admin_guide/endpoint_gpo.aspx
Joseph Daly
CERTIFIED EXPERT

Commented:
I see why they have you doing the BAT file installation now, you can not provide command line arguments with group policy software installation.

I do notice in your script you do not have the second part of the command line WSCONTEXT=xxxx you may or may not need this depending on your setup.

Did you create the share permissions and set everyone to have access to it? I believe computer startup scripts run as local system and you need to make sure the shared folder has permissions that will allow that to open the file.

What I would reccomend trying is this. Use the steps below and PSEXEC to open a command prompt as SYSTEM then attempt to browse to your shared folder. If you can get to it then you know it is accessible by the GPO. If not you need to alter your permissions.

http://blogs.technet.com/b/askds/archive/2008/10/22/getting-a-cmd-prompt-as-system-in-windows-vista-and-windows-server-2008.aspx
tolinrome

Author

Commented:
ok, I got the command prompt open as SYSTEM, but how then do I "browse" to the shared folder in the command prompt?
Joseph Daly
CERTIFIED EXPERT

Commented:
When in the system command prompt map a drive.

NET USE L: \\server\path

If the drive maps switch to L: and try browsing the tree until you get to your folder.
tolinrome

Author

Commented:
I did exactly that and it said "The command completed successfully". But there is no L: drive anywhere.
tolinrome

Author

Commented:
ok got it to work, so it is accessible by the GPO.
tolinrome

Author

Commented:
I didnt put the .bat file in the SysVol where "Show files...". Not sure if there is a need too.
discgman

Commented:
I thought that the sysvol is only for bat files you want to run from profile scripts. If it is still not working, what is the gpupdate / results?
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.

View Solution