Startup script GPO not working

Dustin23
Dustin23 used Ask the Experts™
on
I have a GPO startup script that is supposed to apply to all desktops in a given OU every startup. It used to work, but recently stopped doing so. I have checked gpresult /r on the affected machines, and the GPO is listed as being applied. I don't understand what could have happened. I have not made any OU or GPO adjustments. The GPO scope is "Authenticated Users", and again, this has not been changed since GPO creation. Here is the script:

@echo off

reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v KUserinitReplaced /t REG_SZ /d "C:\Program Files\VMware\VMware View\Agent\bin\wssm.exe",C:\Windows\system32\userinit.exe,"C:\Program Files\VMware\VMware View\Agent\bin\vmlm_helper.exe","C:\Program Files\VMware\VMware View\Agent\bin\wssm.exe" /f
reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit /t REG_SZ /d C:\Windows\system32\KUsrInit.exe,"C:\Program Files\VMware\VMware View\Agent\bin\wssm.exe", /f

Open in new window

I have tested manually running the script on a test machine, and it works like a charm. Any idea what could be going wrong here?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Director of Information Technology
Commented:
You might be better off using Group Policy Preferences to accomplish this tasks.  

Here is a link that will help you accomplish this.
https://theitbros.com/add-modify-and-delete-registry-keys-using-group-policy/
Lionel MMSmall Business IT Consultant

Commented:
I don't understand what could have happened. Unfortunately this may be due to changes in Windows and/or some new conflict with other settings and/or issues or conflicts with what the settings you are trying to set. The best thing to do take one system and manually remove these settings, reboot, and then manually add them back, reboot and see if these settings apply--if not then there is something else going on other than your startup script or your registry changes.
Distinguished Expert 2018

Commented:
You can simulate startup script processing using psexec.
Download psexec, then, on an elevated command prompt, launch
psexec -s -I cmd
on the cmd shell which will open, launch your startup script from the path where it is saved inside the policy (\\yourdom.local\policies\someGPO\machine\scripts\yourscript.bat)
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Dustin23IT Director

Author

Commented:
I am going to reboot the DC tonight to complete some updates anyway. I will see if that resolves the issue. I am already looking into Group Policy Preferences to see if that will work for me, thanks for the suggestion. Also, psexec sounds like a nice tool, I will try that out if I get nothing from a reboot.
Dustin23IT Director

Author

Commented:
Ok, a reboot did not fix the issue with the script. I decided to go with registry settings in GPP. Oddly, creating a update action for each item didn't work. So, I decided to create a replace action for each item, set to run once, and a replace action for each item that applies every time gpupdate is run. This resolved the issue, and should be good moving forward. Thanks for the assistance on this guys.
yo_beeDirector of Information Technology

Commented:
Glad that the suggestion worked

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial