+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 26
Windows 7 Thread, Logon scripts not running in Technical; We're in the process of introducing Windows 7 in our school. Most of the initial problems seem to have been ...
  1. #1

    Join Date
    Sep 2007
    Posts
    181
    Thank Post
    4
    Thanked 2 Times in 2 Posts
    Rep Power
    15

    Logon scripts not running

    We're in the process of introducing Windows 7 in our school. Most of the initial problems seem to have been ironed out, but we're left with one stumbling block that we don't seem to be able to resolve: Login scripts don't run for users who aren't local administrators.

    We are using traditional .bat files to map a few drives and import printer settings. It works fine as an administrator bit not as a normal user. If a standard user logs on, the scripts can be executed manually and all is well, but they don't run as part of the logon process.

    We've tried the "EnableLinkedConnections" registry fix but that doesn't seem to make any difference. We've tried specifying and locating the scripts within group policies and the netlogon share, but again, nothing seems to work.

    We'd like to avoid the possibly inevitabale workaround of making students local administrators, but can't find any alternative solutions at present. Has anyone else experience this and found a solution?

    *Edit: we have also turned off User access control
    Last edited by AnnDroyd; 4th October 2011 at 03:09 PM.

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    Make sure the following policy is set correctly:

    Policies > User Config > Admin Templates > System - Prevent access to the command prompt - Enabled and then specify No to 'Disable the command prompt script processing also?'

    I would also look at deploying network drives and printers via GPO. It works well when it's setup Have a look here

  3. #3

    Join Date
    Sep 2007
    Posts
    181
    Thank Post
    4
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    Unfortunately I've already ruled out anything to do with policy restrictions. Moving a test user into an OU with no restrictions applied doesn't work. However, making the same user a local admin, even with the same policies applied does work.
    Even if I could get round the drive mapping problem, we still need the scripts to run for other things.

  4. #4

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    Could you post an example of your script?

    The only scripts I use in my Windows 7/2008 R2 domains are Startup scripts for deploying wireless settings and to check/install anti-virus software if it's not there and that's it. Everything else is GPO.

  5. #5

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    The only other GPO I can think of is:

    Policies > Computer Config > Windows Settings > Security Settings > Local Policies > User Rights Assignment - Log on as a batch job

  6. #6

    Join Date
    Sep 2007
    Posts
    181
    Thank Post
    4
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    Yes, here you go:

    net use n: \\server1\users\students\%username% /persistent:no
    net use o: \\server3\applications /persistent:no
    NET TIME \\server4 /SET /YES

    if exist \\server4\netlogon\screenres\%computername%.bat call \\server4\netlogon\screenres\%computername%.bat
    if not exist \\server4\netlogon\screenres\%computername%.bat call \\server4\netlogon\screenres\default.bat

    reg delete "HKCU\printers\connections" /f
    if exist \\server4\netlogon\printers\%computername%.reg regedit /s \\server4\netlogon\printers\%computername%.reg
    if not exist \\server4\netlogon\printers\%computername%.reg regedit /s \\server4\netlogon\printers\allprinters.reg

  7. #7


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,647
    Thank Post
    229
    Thanked 865 Times in 743 Posts
    Rep Power
    297
    Well net time needs admin but net use should be ok

    Is UAC on if so might be worth testing with it off

  8. #8

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    The script looks OK to me also, but clearly Windows doesn't like something. I noticed however that you have what appears to be 4 servers. Are all these DCs as I wonder if it's a possible DNS issue.

    Most (from what I can see) of what you have in your script could be achieved by GPO. Presumably you control everything else with GPOs, so it makes sense drive maps and printers are deployed this way too.

    The only part I am unsure about is your screenres code, which I presume is setting the resolution at logon?

    As you have three paragraphs of script, try experimenting and run each paragraph in turn. Does Windows still not process on all three?

  9. #9

    Join Date
    Sep 2007
    Posts
    181
    Thank Post
    4
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    We seem to have sorted this by putting the logon scripts in the profile in the start menu>programs>startup folder. Not an ideal solution, but it gets it working without having to make everyone local admins.

  10. #10

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,229
    Thank Post
    13
    Thanked 230 Times in 219 Posts
    Rep Power
    68
    What about putting it in the NETLOGON folder and in each user profile specifying it in there?

  11. #11

    Join Date
    Sep 2007
    Posts
    181
    Thank Post
    4
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    Quote Originally Posted by MatthewL View Post
    What about putting it in the NETLOGON folder and in each user profile specifying it in there?
    When you say specifying it in the profile, do you mean by creating a shortcut? If so, I tried that, but you get a security messages asking you if you want to run the file. By putting the script itself there, you don't get any warnings.

  12. #12

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,229
    Thank Post
    13
    Thanked 230 Times in 219 Posts
    Rep Power
    68
    Sorry in AD on the profile tab I think it is you can specify a login script, so if you dump it in the NETLOGON folder and its called user.bat just type in user.bat

  13. #13
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,475
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    52
    Hi

    You can map drives through group policy see Using Group Policy Preferences to Map Drives Based on Group Membership - Ask the Directory Services Team - Site Home - TechNet Blogs

    Time servers can be set in gpo see Setting the Authoritative Time Server on the PDC Emulator Using Group Policy

    Scripts to set resolution can be put in startup scripts linked the room ou.

    Printers can be deployed in gpo with print management and if you have a windows 2008 domain you can set the default printer. see Print Management Step-by-Step Guide

    I hope this helps.

    Richard

  14. #14
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,475
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    52
    Hi

    I have had another thought do the students have the right to run scripts and edit the registry. Both of these can be disabled in gpo.

    Are there any clues in the eventlog?

    Richard

  15. #15

    Join Date
    Sep 2007
    Posts
    181
    Thank Post
    4
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    Quote Originally Posted by MatthewL View Post
    Sorry in AD on the profile tab I think it is you can specify a login script, so if you dump it in the NETLOGON folder and its called user.bat just type in user.bat
    I see what you mean. Yes, I tried that as well, and the scripts still didn't run!

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Win7 clients not applying Group Policies or running logon scripts
    By TheElusiveOrangeButton in forum Windows 7
    Replies: 11
    Last Post: 7th July 2010, 04:13 PM
  2. Not running scripts
    By C3sium in forum Windows 7
    Replies: 19
    Last Post: 4th March 2010, 04:11 AM
  3. Replies: 0
    Last Post: 23rd September 2009, 01:06 PM
  4. Workstations not running Group Policies or Logon Scripts
    By richard_s in forum Windows Server 2000/2003
    Replies: 18
    Last Post: 6th August 2009, 11:46 AM
  5. Vista isn't running logon scripts
    By woody in forum Windows Vista
    Replies: 6
    Last Post: 30th January 2007, 03:32 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •