Run EXE from GPO logon script

Got a Windows 2008r2 small AD

All student laptops are Windows 10

I need to run an exe as a 'logon' script through a GPO.

The user logging on wiil NOT have admin rights to run exe's

What's the best practice for doing this?

Thanks so much!!
ejcristAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Adam BrownSenior Systems AdminCommented:
Preferred method is to repackage the EXE as an MSI file. https://emcosoftware.com/msi-package-builder has a utility that can help with this. The process is to install the utility, create a before image, install the application, create an after image, and the utility will detect what changes are made by the installation and package them up into an MSI file. You can then deploy that MSI file using GPO.

Otherwise, you would need to have SCCM or some other system management solution in place.
McKnifeCommented:
Run an .exe to do what, install something? Anyone may run executables if they aren't setups.
ejcristAuthor Commented:
It's a little exe that scans the hardware/software of the laptop to then report to our new asset management system.
Get a highly available system for cyber protection

The Acronis SDI Appliance is a new plug-n-play solution with pre-configured Acronis Software-Defined Infrastructure software that gives service providers and enterprises ready access to a fault-tolerant system, which combines universal storage and high-performance virtualization.

McKnifeCommented:
And will that exe need elevation in order to create the report?
ejcristAuthor Commented:
Well, by default, student logins do not have admin privileges to run exe's.
McKnifeCommented:
So those .exe files are setups?
McKnifeCommented:
No, you said they are not setups. That's why I asked if admin permissions are needed for the exe to work. Please confirm.
McKnifeCommented:
You should use a startup script, not a logon script and it will work.
ejcristAuthor Commented:
This is the instructions provided....I'm confused because it says it is run as a 'logon' script....

To configure SelfScan.exe to run as an Active Directory logon script,
 
From your domain controller, head to Group Policy Management Console.
In the console tree, right click on the domain or OU and create a new GPO.
Type in a new name for the GPO and click OK.
Right click on the newly created GPO and click Edit.
In the new window that pops up, go to User Configuration>>Policies>>Windows Settings>>Scripts. Double click logon.
New logon properties will open up. Click on Add.
Click Browse. A windows explorer tab will open.
Copy and paste the SelfScan.exe file to this folder.
Select SelfScan.exe.
In the script parameters field, type the Probe installation system name (e.g.,"SDPOD-WIN10") and click OK.
Once it’s done click on OK in the Logon properties window.
McKnifeCommented:
These instructions, did you try them? If they don't work, just use a startup script, same place but in the computer config part of the GPO.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 10

From novice to tech pro — start learning today.