A logon script that used to run on domain computers no longer runs at logon. From the web I learned that this might be an issue on Windows 10 Version 1909 and later. I can "see" the NETLOGON folder and the script from the network. I can open NETLOGON and run the script. But I can't get it to run at logon. I need this or some other means of loading templates to the domain computers.
But I can't get it to run at logon.
how have you been running the script?
did you try putting pause as the last line of the script so you can see the window output and any errors?
You might have blocked it by software policy.
You could use powershell scripts. no info to which to respond.
Logon scripts should not be referring to external share location, they should be contained within the GPO from which they are triggered, copy the netlogon script into the GPO where you want it to run, login scripts, show files, paste the file here and it should run.
i.e. \\server\SYSVOL\<fqdn>\Policies\<policy number>\User.
Google "login script delay" for a how-to about disabling that delay.
First thing to do is determine the method and check that nothing has changed around that.
Do you know if it is actually not running or is it running and then generating an error?
If it is not running it could be that something on permissions changed or it could indicate that the initiation method (i.e. AD account properties changed)
If it is actually running and just erroring it would be a matter of debugging the script.
The issue I think with running logon scripts from GPOs that reference netlogon scripts might be what breaks with the newer security implementations.
i.e. a GPO process triggers an access restriction by using a UNC to run a scripts....
1. I have not tried pause, although it appears the script doesn't start at all.
2. The script is to write a bunch of templates in to a folder to be used by WORD. And it does so fine if I just launch it from the netlogon folder visible on my network
3. i tried changing the logon script delay
@arnold i think you mean there should be no mention of logon scripts in the GPO. That the logon script in NETLOGON runs at logon, and that maybe my attempts make it run via GPO break the security features of the client. So I should purge any references to a logon script from my GP. There are some as part of my efforts to fix the problem
You have one central login script that can be run out of the netlogon folder when the logon script is set as part of a user's ADUC setting.
You can also run an unlimited number of login scripts that are part of a USER GPO policy
I think the USER GPO based login script script needs to be stored within the confines of the GPO such that it is seen as a local script versus remote.
What does the script do,
is it using xcopy \\somepath\someshare\somef
at the top of your login script do you have @@echo off?
Does your setup require synchronized application of policies or asynchronous?
Might the GPO you think applies actually does not?
you might be able to use Group Policy Preferences to push files to user.
Not sure what files/templates you are pushing
might it benefit if the templates are actually pushed to the Public user on each workstation/computer that will make a single copy available to all users on the system?
The other possibility is the file already present and the option you are using does not overwrite an existing file.....
If that folder gets created shortly after logon, scripts via GPO work.
Then you'll need to add logging to your script. Simply redirect the output to a file
Please add a line that allows you to verify if it is running after all, like the one I wrote down.
Try using the full path