none
Group Policy Script doesn't run

    Pertanyaan

  • I have an OU of computers I have created a GPO and linked it to the OU.  I created a script, script.cmd and placed it in the sysvol\domain.local\scripts folder and then browsed for it in the computer configuration startup script but it still doesn't run.  I have also created a script, logon.bat that I placed in the same directory and that I put in the 'login script' of the user properties and that doesn't run either.  That script contains:

    NET USE K: \\SERVER\folder1

    NET USE S: \\SERVER\folder2

    I'm sure I must be doing something wrong, could someone please point me in the right direction?

    07 September 2011 1:21

Jawaban

  • Hi,

    The setting in Group Policy is "User Configuration", "Windows Settings", "Scripts (Logon/Logoff)", "Logon". Best practice is to copy the file you want for the Logon script to the Windows clipboard, open the "Logon" setting in the Group Policy editor, press the "Show Files..." button, and paste the desired file in the dialog. You can select the file and edit it in this dialog as well. This is easier than navigating in Windows Explorer to the folder where Group Policy Logon scripts are saved. However, if you do have to navigate to the folder, the path on the Domain Controller is:

    %SystemRoot%\sysvol\sysvol\<domain DNS name>\Policies\<GUID>\user\scripts\logon


    Logon Script FAQ
    www.rlmueller.net/LogonScriptFAQ.htm


    If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer". This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!
    07 September 2011 1:33
  • Hi,

    No need. You need to use the below paths for the computer scripts.

    \\<Server>\sysvol\<domain DNS name>\Policies\<GUID>\user\scripts\logoff

    \\<Server>\sysvol\<domain DNS name>\Policies\<GUID>\machine\scripts\startup

    \\<Server>\sysvol\<domain DNS name>\Policies\<GUID>\machine\scripts\shutdown


    Startup and Shutdown scripts run with the credentials of the computer object. It is recommended that the group "Domain Computers" be given permission to any resources used by the Startup or Shutdown scripts. However, Startup and Shutdown scripts have System privileges on the local computer. This gives Startup and Shutdown scripts access to the local file system and registry.

    Logon and Logoff scripts run with the credentials of the user. It is recommended that the group "Domain Users" be given permission to any resources used by either of these scripts.


    If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer". This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!
    07 September 2011 2:14
  • 08 September 2011 9:40
    Moderator

Semua Balasan

  • Hi,

    The setting in Group Policy is "User Configuration", "Windows Settings", "Scripts (Logon/Logoff)", "Logon". Best practice is to copy the file you want for the Logon script to the Windows clipboard, open the "Logon" setting in the Group Policy editor, press the "Show Files..." button, and paste the desired file in the dialog. You can select the file and edit it in this dialog as well. This is easier than navigating in Windows Explorer to the folder where Group Policy Logon scripts are saved. However, if you do have to navigate to the folder, the path on the Domain Controller is:

    %SystemRoot%\sysvol\sysvol\<domain DNS name>\Policies\<GUID>\user\scripts\logon


    Logon Script FAQ
    www.rlmueller.net/LogonScriptFAQ.htm


    If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer". This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!
    07 September 2011 1:33
  • So I should put it with the User configuration even though it is only f for the computers in that specific OU?  Also, why doesn't the script run for the 'User Properties' in Active Directory?
    07 September 2011 1:47
  • Hi,

    No need. You need to use the below paths for the computer scripts.

    \\<Server>\sysvol\<domain DNS name>\Policies\<GUID>\user\scripts\logoff

    \\<Server>\sysvol\<domain DNS name>\Policies\<GUID>\machine\scripts\startup

    \\<Server>\sysvol\<domain DNS name>\Policies\<GUID>\machine\scripts\shutdown


    Startup and Shutdown scripts run with the credentials of the computer object. It is recommended that the group "Domain Computers" be given permission to any resources used by the Startup or Shutdown scripts. However, Startup and Shutdown scripts have System privileges on the local computer. This gives Startup and Shutdown scripts access to the local file system and registry.

    Logon and Logoff scripts run with the credentials of the user. It is recommended that the group "Domain Users" be given permission to any resources used by either of these scripts.


    If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer". This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!
    07 September 2011 2:14
  • Hi,

    Please check that the computer accounts have appropiate permission in the shared folder.

    I suggest to to link this policy to user ou and user the batch file in user login script.

    But at the same time  give proper permission to users in the shared folder.

    In a domain any user can login to any client machine. So any body and every body will get access to these shared drives.                                


    Disclaimer: This posting is provided AS-IS with no warranties or guarantees and confers no rights. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    07 September 2011 11:27
  • Also you can use below VBscript and put it in "logon" script.

    objNetwork.RemoveNetworkDrive "<DriveLetter>:", True, True

    objNetwork.MapNetworkDrive "<DriveLetter>:", "\\UNC-Path-To-Share"

     


    Best regards Biswajit Biswas Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, MCTS, Enterprise Admin
    07 September 2011 11:57
  • Hi,

    CAn you please check the event viewer for any script related error and also run gpresult /Z and post the output here.

    Also go to start/Run and try to access the script path and see if any error is there.

    07 September 2011 17:45
  • 08 September 2011 9:40
    Moderator