none
run script without logon

    Question

  • Hey there,

    I have a task and I'm not sure about the feasibility.

    I run a windows terminal server farm with roaming profiles and I would write a script which rename a folder on the user fileshare.

    The user has \\fileshare\profile\important and I want to rename this folder to \\fileshare\profile\important.backup.

    My problem is this is a sync folder. When the user has a session and execute this script - rename works, but when the user do a logoff the important folder would be write back to the fileshare.

    And I'm not really sure how to solve this problem. My (abstract) idea is to build a simple batch script on a other fileshare and when the user clicks a button on an application the batch script starts with 120 seconds delay, during this delay the user logoff and after this delay (and no other session) the rename would be happen.

    But how is it possible to execute a script (with user permissions) and in the same time a logoff my user session (and have no other session running)

    I would be very happy about some ideas for my problem.

    Thanks,

    Patrick

    • Moved by Bill_Stewart Friday, April 10, 2015 2:41 PM Move to more appropriate forum
    Wednesday, March 11, 2015 9:25 AM

All replies

  • The best suggestion, I believe, would be to use Group Policy Preferences.

    ¯\_(ツ)_/¯

    Wednesday, March 11, 2015 9:53 AM
  • How?

    Thanks,

    Patrick

    Wednesday, March 11, 2015 9:58 AM
  • You should start by moving the Documents folder out of the profile.  Use folder redirection.  With TS all folders should be relocated.  It removes al ot of replication from the profile and improves reliability and performance.  Once the folders have been moved then you can create a GPP that renames any folder and it will stay renamed.

    Look up how to use GPP to change files and folders. 

    For detailed help with GPP and GPP post here: Group Policy


    ¯\_(ツ)_/¯

    Wednesday, March 11, 2015 10:11 AM
  • Thanks for answer.. I guess I didn't described my problem exactly.

    My folder (important) is nice and recreated on every logon. Thats correct. But when some nasty things happen in this folder, the user hasn't a chance to fix this. Because when the user delete (or rename) the important folder and logoff the folder important from the local session writes back to the fileshare.

    I don't want to rename one folder the whole time, it is just a mechanism that when the user logon the next time the folder important recreate from the system.

    I hope I described my problem a little bit better?

    Wednesday, March 11, 2015 12:30 PM
  • My answer is still the correct, and probably only, way to fix this.

    ¯\_(ツ)_/¯

    Wednesday, March 11, 2015 1:29 PM
  • I didn't get the possibility with gpp.

    I miss the information between "the user clicks on a button" and "the gpp rename a folder one time".

    Can you give me a hint to realize your solution?

    Thursday, March 12, 2015 8:16 AM
  • Please post your question in the GP forum. It is not a scripting question.  You will need to learn how to use GP.

    Group Policy


    ¯\_(ツ)_/¯

    Thursday, March 12, 2015 1:14 PM
  • Sorry, I can't post the question in the GP forum because I have no idea what I should ask...

    Maybe there is no scripting resolution - but when I don't understand your solution I can't ask other users to help me to implement your solution.

    Thursday, March 12, 2015 1:29 PM
  • That is why I noted that you will have to learn Group Policy.  You have a limited technical understanding of the logon process.  What you are asking to do is a result of an incomplete deployment of your user profiles and the logon process and how it processes profiles that are roamed.  If you cannot understand that then you will not understand how to fix it.

    Step by step.

    1. Redirect users documents folder with GP.
    2. Create GPP to delete file ass needed.

    Done!

    Post in GP forum for help with the above.


    ¯\_(ツ)_/¯

    Thursday, March 12, 2015 1:35 PM
  • Mike - we are going to change your name to "Mike the Link Guy".

    Good stuff.


    ¯\_(ツ)_/¯

    Thursday, March 12, 2015 1:46 PM
  • Mike - we are going to change your name to "Mike the Link Guy".

    Good stuff.


    ¯\_(ツ)_/¯

    =]


    Don't retire TechNet! - (Don't give up yet - 13,225+ strong and growing)

    Thursday, March 12, 2015 1:50 PM
  • Okay - maybe I should provide more information.

    We use Terminalserver 2008r2 with Citrix XenApp 6.5 and use for profil management citrix user profile manager.

    We use folder redirection and "sync folders" (there is only one sync folder for ntuser.dat and so ..)

    So I know how to setting up an environment with folder redirection - but I didn't get the connection / idea how is it possible to create a gpp that will act when the user clicks on the terminalserver session a button on a self written application.

    presumably I have a mental blockade :(

    Thursday, March 12, 2015 1:59 PM
  • That has nothing  to do with folder redirection.  Since this is a XenApp system you should be posting in the Citrix forum.  They will help you sort out how to set up isolated files that do not conflict with folder sync.

    Sync Folders are not the same as redirection. You cannot both redirect and sync a folder successfully.  When you do the files will clobber each other.  I have seen this over and over when admins get it wrong. With Citrix profile amanger it gets even crazier.

    If you truly had correctly redirected folders then you would not be having the issue.

    Again. Post to Citrix first to get help sorting out what you have then post back to GP forum to learn how to set up GPP to manage the file.


    ¯\_(ツ)_/¯

    Thursday, March 12, 2015 3:12 PM
  • I didn't say any word that I try to redirect and roamed the same folder. I just want to say, I know the mechanism of folder redirection and "sync folders" (maybe is roaming profile not the right word)

    This isn't really a citrix topic. But maybe I write very unclear (cause I'm not english native speaker). 

    I think I know what you mean, but it doesn't solve my issue. Maybe there is no scripting solution for my issue. 

    @Both - Thank you for your help :-) 

    Thursday, March 12, 2015 5:17 PM
  • 1. Do you have Group Policy Redirected folders? Yes or no?
    1. Do you have the folders defined to sync for offline access?


    ¯\_(ツ)_/¯

    Thursday, March 12, 2015 5:21 PM
  • 1. Do you have Group Policy Redirected folders? Yes or no?

    Yes.(But not on the sync folder! other folders (desktop,documents,...)

    1. Do you have the folders defined to sync for offline access?

    yes, the folder which include ntuser.dat (offline access? - it just sync from fileshare to server - there is no "offline") 

    Most of the user profile folder are redirected but one folder (with ntuser.dat) is a sync folder (from fileshare to the server on the "local" disk). Sometimes the ntuser.dat is corrupt. My idea is to write an application with a button and the user click "restore profile". I must rename the sync folder on the fileshare (and this would be nice) but when the user logoff the profile writes back with the originale name and original files. on the next logon the user get the same folder / files. 
    Thursday, March 12, 2015 5:33 PM
  • You are not answering the question.

    Do you have Group Polciy redirected folders?

    I am not talking about a roamed profiles. You are refreing to a roamed profile. That is you exact problem.  Roaming the profile has causes this.,

    You should NOT sync the folder set with ntuser.dat. Windows does not like that.  If it is roamed and synced it will get corrupted.  Now you have unraom and unsync all floders and fix all errors.  After that you can use GP to redirect the folders that are redirectable in the profile. This is includes Documents and AppData as well as the ability to customize most subfolders like pictures.

    Once redirected they can be set to be cached on the client for mobile users but for TS users they should NOT be cached or synced. After all of that is working correctly you can then roam the profile with either TS profile redirection or with NT profile roaming.

    After that you dan delte files with no conflict.

    None of this has anything to do with scripting so I think we need to close this thread.

    Good luck


    ¯\_(ツ)_/¯

    Thursday, March 12, 2015 5:51 PM
  • Yes. I use redirected folder. 

    sync = roaming is the same for me. Maybe thats the reason why we talk not from the same thing. 

    There is no error to fix in generally. I will start that "renaming process" when the user click on "profile restore". 

    Thursday, March 12, 2015 5:56 PM
  • > The user has \\fileshare\profile\important and I want to rename this
    > folder to \\fileshare\profile\important.backup.
     
    Just to make sure - this "important" folder is part of the roaming user
    profile?
     
    Then your task is really simple - don't rename the folder on the share
    path, but in %userprofile% :)
     

    Greetings/Grüße, Martin

    Mal ein gutes Buch über GPOs lesen?
    Good or bad GPOs? - my blog…
    And if IT bothers me - coke bottle design refreshment (-:
    Saturday, April 11, 2015 2:02 PM
  • > We use folder redirection and "sync folders" (there is only one sync
    > folder for ntuser.dat and so ..)
     
    What - in your terms - is a "sync folder"? At logon, the whole remote
    user profile is copied to %userprofile%. At logoff, it is copied back.
    There is no "sync" like in offline files, where we have two "online"
    copies at one time. The user profile is always accessed locally, the
    remote path is only used to copy at logon/logoff.
     

    Greetings/Grüße, Martin

    Mal ein gutes Buch über GPOs lesen?
    Good or bad GPOs? - my blog…
    And if IT bothers me - coke bottle design refreshment (-:
    Saturday, April 11, 2015 2:05 PM
  • Martin -

    1 user profile roaming is for stock profiles.
    RDS terminal server profiles are similar but are not roamed but are relocated
    GP redirected folders a re permanent redirections that affect both the roamed profile and the RDS profile.
    Citrix Profile Manager extends RDS profiles.
    Citrix "sync'd folders are similar to Windows offline folders but operate over an ICA connection

    As you have pointed out the OP has not made any of this clear.


    \_(ツ)_/

    Saturday, April 11, 2015 3:01 PM
  • > Citrix Profile Manager extends RDS profiles.
    > Citrix "sync'd folders are similar to Windows offline folders but
    > operate over an ICA connection
     
    Thanks for clarification - then I'm somewhat "out of the game", never
    saw Citrix Profile Manager :)
     

    Greetings/Grüße, Martin

    Mal ein gutes Buch über GPOs lesen?
    Good or bad GPOs? - my blog…
    And if IT bothers me - coke bottle design refreshment (-:
    Monday, April 13, 2015 9:10 AM
  • Hi Martin,

    no - it should not be the part of roaming user profile (citrix profile management).

    I have a folder and this folder synced on every logon on a terminal server. (some stuff from userprofile) - this folder gets corrupt.

    my idea is, the user click on a batch script / application / whatever to say :"Hey, I think my userprofile is corrupt. Please restore it."

    I can not rename the userprofile order on the terminalserver machine.. so the follow tasks are necessary (i think these tasks would be the best solution):

    1) Logoff terminalserver session (the (corrupted) profile writes back to the fileshare)

    2) Rename this folder on the fileshare

    When the user logon the next time, they will get a new profile because on the fileshare isn't a folder with the right name.

    to 1) isn't a problem.

    to 2) is a problem. because I want to rename a folder on a fileshare with user rights without a session on a terminalserver.

    so my idea was to have a kind of script which delete the user profile and to give over the user credentials. So a script/task can run with user credentials and user permissions to delete the folder on the fileshare (this is possible with the user rights) without having an active session.

    Hopefully I explained my idea a little bit better.

    Patrick

    Monday, April 13, 2015 11:58 AM
  • Martin -

    1 user profile roaming is for stock profiles.
    RDS terminal server profiles are similar but are not roamed but are relocated
    GP redirected folders a re permanent redirections that affect both the roamed profile and the RDS profile.
    Citrix Profile Manager extends RDS profiles.
    Citrix "sync'd folders are similar to Windows offline folders but operate over an ICA connection

    As you have pointed out the OP has not made any of this clear.


    \_(ツ)_/

    Citrix Profile Manager does not operate over an ICA connection.

    I really tried to make my situation clear.. but obviously I failed. :-(

    Monday, April 13, 2015 2:05 PM
  • You are asking a mixed question and it appears that you are not following Citrix Best practices for Profile Manager.  I think once you understand what is PM and what is Windows policy that you will see where your configuration is in conflict.

    Here is a Citrix blog addressing these issues: http://blogs.citrix.com/2012/02/11/citrix-profile-management-and-vdi-doing-it-right/?_ga=1.259422154.1718180378.1428940361

    You would do better to post you issues int he  Citric forums.  They can help your sort out what parts are Citrix and which parts are Standard Windows Policy.  Remember that Citrix is an extension to Windows and Windows Policy and not a replacement.


    \_(ツ)_/

    Monday, April 13, 2015 3:57 PM