• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 134
  • Last Modified:

removing a file from the start menu in wondows XP and Windows 7

I am trying to remove a .bat file that is in the start menu on the PCs in my network by using a .bat file that I created and put in a GPO in the logon script option but, it appears the PCs aren't running the script because the .bat file is still in the start menu. These are the lines I have in the .bat file that I am trying to execute via the GPO. I also have attached the GPO to the OU in GPO mgmt console. I know my .bat file works because if I run it manually it works.

del "c:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\standard drives.bat"
del "c:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\drives.bat"
del "C:\Documents and Settings\All Users\Start Menu\Programs\Startup\standard drives.bat"

Can someone tell me what is wrong?
0
jfholloway
Asked:
jfholloway
  • 5
  • 4
  • 3
  • +2
1 Solution
 
DMTechGrooupCommented:
Have you run rsop.msc to see if the policy is being applied?

Which version of MS Server are you using?
0
 
Neil RussellTechnical Development LeadCommented:
You are running this in a USER GPO. Do the users that run it have permissions to delete files from all of those areas?
0
 
Neil RussellTechnical Development LeadCommented:
And to What OU have you attached the policy? The one with ALL of your affected users?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
jfhollowaySr. Systems AdministratorAuthor Commented:
It shows nothing in the last executed field on the XP and Windows 7 PCs I looked at. The Domain is Windows 2003.
0
 
jfhollowaySr. Systems AdministratorAuthor Commented:
I attached it to the OU where the user accounts are. I believe they have the proper rights because when I run my script manually it does delete the file from the start menu.
0
 
Neil RussellTechnical Development LeadCommented:
When YOU run it manually yes. Are YOU just a normal user? Not a domain admin?

Have you had User run it manually after they are logged in?
0
 
discgmanCommented:
The bat files in the gpo usually run before the user logs in, so I am not sure if its a permissions issue. Try to run the bat file manually on a user who doesnt have the same permissions as you do and see if you get the same results.
0
 
Neil RussellTechnical Development LeadCommented:
No.

If you're running the script at user logon, it runs under the user's own security context. Would be pointless to run as anything else.

And I already asked to try as a different user after login to see results.
0
 
discgmanCommented:
You asked the same time I did, just took me 2 minutes to write it.
0
 
jfhollowaySr. Systems AdministratorAuthor Commented:
I run the .bat file manually when I am logged in as the user. The users are just standard domain users with no elevated privileges
0
 
jkaiosIT DirectorCommented:
AFAIK, on Windows XP security, standard domain users can't touch (write/delete) anyting in the %ALLUSERSPROFILE% (C:\Documents and Settings\All Users\...) and so may be true with Windows 7 (C:\ProgramData\) as well.
0
 
jfhollowaySr. Systems AdministratorAuthor Commented:
Would the following work in place of the trying to delete the file from the "all users" directory replace it with %username%

del "C:\Documents and Settings\%username%\Start Menu\Programs\Startup\standard drives.bat"

Where is the correct place to put the .bat to run it at logon. I currectly have it at the root of the netlogon folder. Should it be there or is the sysvol folder inside of the GPO that I have the logon parameter set?
0
 
discgmanCommented:
Where is the correct place to put the .bat to run it at logon. I currectly have it at the root of the netlogon folder. Should it be there or is the sysvol folder inside of the GPO that I have the logon parameter set?

If you put it in the sysvol folder, then it has to be run in the logon script box under each user name in AD. It would then run when each user logs in. You could test a few and see if that works. If it does, then you could add this option to all the users you need to with a ldap script or mass copy and paste.
0
 
jfhollowaySr. Systems AdministratorAuthor Commented:
Worked perfect. thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 4
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now