Setting Up A Login Script in Server 2008 AD Group Policy

I have worked with AD Group Policy with Server 2008 in various ways over the past couple of years but have not set up a policy to push out scripts when a user logs in to an Active Directory domain.  I have an antivirus software I have setup on an IIS server that needs to have clients connect to it when they log in through a login script that the software vendor has created.  I am looking for resources to read and recommendations as to whether this should be done in User vs. Computer Configuration. Any step by step resources would be helpful.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You have to identify which anti-virus client you are using and whether it deploys client controls as a user or as a computer.
I.e. In the computer OU you would under the computer configuration add the startup script that will run as the computer
In a user OU, user configuration, you would use the login script if it needs to run as the user.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mark GalvinManaging Director / Principal ConsultantCommented:

So first of all you need guidance from AV Vendor about Computer or User Script.

Once you have that you need to create the GPO. Decide which OU this will go against. Once you have done that Create a new GPO as you would normally.

The location for the log on scripts in the GPO are:
Say its a user script. Double click on the 'Logon' option which will give you:
UserLogonScriptOptions.JPGThen click on the 'Show Files' button which opens Windows Explorer:
UserLogonScriptFiles.JPGThis is the location you want to copy your scripts (which you mentioned you have from the AV Vendor). Close that window.

Back in the 'Logon' Options window you then want to click on 'Add' button which will give you:
UserLogonScriptAdd.JPGThen 'Browse' and select the script you copied into the folder above.

Next you want to make sure your GPO is enabled.

I would seriously suggest you run this on test user/s first so you can tell what the possible impact will be.

Hope this helps
memewarrenAuthor Commented:
OK, I talked to the antivirus vendor and they say it needs to be done under computer configuration.  

The UNC path they show as \\<server name or ip>\ofscan\Admin\Utility\Ipxfer\ipxfer_x64.exe -s <server name or ip> -m 1 -p 8080 -c 32090 -e OfcNTCer.dat

So I set my GPO under 1. Computer Configuration -- 2. Windows Settings -- 3. Scripts (Startup/Shutdown) and choose Startup.

Do I then give it a Script name and put the UNC path under the Script Parameters, apply it and that's it?
You need to create a script
filename.bat in the location to which you browse usually it will be in \\addomainname\sysvol\policies\{GPO related identifier which is the reason to follow the suggestions Mark provided}


@echo off

start ""  \\<server name or ip>\ofscan\Admin\Utility\Ipxfer\ipxfer_x64.exe -s <server name or ip> -m 1 -p 8080 -c 32090 -e \\possiblyserver\ofshare\where\this\file\OfcNTCer.dat

Open in new window

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.