+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 35
Windows Thread, BGinfo help! in Technical; Originally Posted by Michael No, it's a logon script. I'm not quite sure how to do this. If you use ...
  1. #16

    Join Date
    Jun 2008
    Posts
    719
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    Quote Originally Posted by Michael View Post
    No, it's a logon script.



    I'm not quite sure how to do this. If you use the value <free space> it works for the local C:\ drive only. Not sure how to change this to a home directory such as H:\

    --------------------------------------------------------------------------------



    If you double click your bgi file, this should automatically open using BGINFO.exe as they are associated. You can change the font colour using the built in toolbar and highlighting the relevant text.

    Thanks for your help, mate. Much appreciated.

  2. #17
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,662
    Thank Post
    166
    Thanked 220 Times in 203 Posts
    Rep Power
    67
    Quote Originally Posted by Michael View Post
    No, it's a logon script.
    But will the currently logged on user have write access to the SYSTEMROOT folder? Think that's why I ended up making it copy via startup script which has machine's rights, plus also changing the rights on the bgibmp folder I made, as bginfo puts the created bitmap in there when it's merged the original background with the text...

    Quote Originally Posted by Michael View Post
    If you double click your bgi file, this should automatically open using BGINFO.exe as they are associated. You can change the font colour using the built in toolbar and highlighting the relevant text.
    I might be wrong but think JMChapman means the icon label text rather than the BGInfo text?

    Quote Originally Posted by Chuckster View Post
    Wow. I'm loving the wallpapers. Could I have a copy, please?
    Here ya go... to get the red one just load in Photoshop, CTRL+U then tick the Colorize box and enjoy
    Attached Images Attached Images

  3. #18

    Join Date
    Jun 2008
    Posts
    719
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    Thanks GShaw. Erm, I don't have Photoshop. Do you think you could colorize it for me?

  4. #19
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,662
    Thank Post
    166
    Thanked 220 Times in 203 Posts
    Rep Power
    67
    Yeah no prob... see below

    Use this as a freebie alternative to Photoshop... better than nowt

    GIMPshop.com - A GIMP hack by Scott Moschella
    Attached Images Attached Images

  5. #20

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    But will the currently logged on user have write access to the SYSTEMROOT folder? Think that's why I ended up making it copy via startup script which has machine's rights, plus also changing the rights on the bgibmp folder I made, as bginfo puts the created bitmap in there when it's merged the original background with the text...
    The technique I use is to add "domain users" to the local administrators group via MMC. It solves a whole range of application related problems which can write locally if required. Using GPOs I hide and deny access to C:\ to users, but applications can still write locally - including BGInfo

  6. #21
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,468
    Thank Post
    10
    Thanked 496 Times in 436 Posts
    Rep Power
    113
    Quote Originally Posted by Michael View Post
    The technique I use is to add "domain users" to the local administrators group via MMC. It solves a whole range of application related problems which can write locally if required. Using GPOs I hide and deny access to C:\ to users, but applications can still write locally - including BGInfo
    This is a bad idea. Profiles are a security issue as users can easily access them remotely and get at confidential data that is held temporarily/permanently there.

    It would just have been easier to use the options in BGInfo to write to the USERS temporary folder instead of C. This is mentioned when using BGInfo to create the BGI file.

    There is virtually no reason why any user needs local admin rights these days. As I said, it is potentially a DPA issue, and you should at minimum use a different group for admin and student machines when allowing local admin user rights.

    I add a Local Admin - Students and Local Admin - Staff group to the admin group on the different sets of machines for the rare exceptions that are needed for a tiny number of staff.

  7. #22
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,468
    Thank Post
    10
    Thanked 496 Times in 436 Posts
    Rep Power
    113
    For future searches.

    PLEASE READ THIS PEOPLE!

    There is an OPTION in BGInfo

    Bitmap -> Location -> Users Temporary Directory

  8. #23

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    This is a bad idea. Profiles are a security issue as users can easily access them remotely and get at confidential data that is held temporarily/permanently there.
    Adding "domain users" as local administrators allows applications to cache/write locally. The local C:\ drive is hidden and inaccessible from users, by enabling these two policies:

    Hide these specified drives in My Computer - Enabled
    Prevent access to drives from My Computer - Enabled


    There is virtually no reason why any user needs local admin rights these days. As I said, it is potentially a DPA issue, and you should at minimum use a different group for admin and student machines when allowing local admin user rights.
    I must be unlucky then as schools always want to use old or technically challenged software. I've not had a single incident of a pupil breaking this setup. I can only recommend you try it

  9. #24
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,468
    Thank Post
    10
    Thanked 496 Times in 436 Posts
    Rep Power
    113
    Quote Originally Posted by Michael View Post
    Adding "domain users" as local administrators allows applications to cache/write locally. The local C:\ drive is hidden and inaccessible from users, by enabling these two policies:

    Hide these specified drives in My Computer - Enabled
    Prevent access to drives from My Computer - Enabled




    I must be unlucky then as schools always want to use old or technically challenged software. I've not had a single incident of a pupil breaking this setup. I can only recommend you try it
    Those restrictions only apply to Explorer and do not protect the drives from being accessed by any other application that does not use the explorer interface.

    Plug any machine into the network and browse to the admin machines, with domain users as members of local admins anyone entering their password has full access to go snooping through peoples profile. Any file names in the recent docs people shouldn't see? Any cached pst files in there?

  10. #25


    Join Date
    Oct 2006
    Posts
    3,413
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149
    Quote Originally Posted by Michael View Post
    I must be unlucky then as schools always want to use old or technically challenged software. I've not had a single incident of a pupil breaking this setup. I can only recommend you try it
    Ive never came accross any software which needs full admin rights to every file on the c:\ drive, and im quite sure in saying thats because there isnt any such program.

    You only need give write permissions to the files/folders/regkeys the program/user actually needs to write to. Although educational software can want access to insane places, most of the time at worst you only have to give write access to its own program folder in program files.

    Use Filemon and Regmon to see what is accessed. And use CACLS and SubACL to write the permissions as part of your deployment of the application.

  11. #26

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,058
    Thank Post
    888
    Thanked 1,731 Times in 1,494 Posts
    Blog Entries
    12
    Rep Power
    454
    Quote Originally Posted by gshaw View Post
    Here's the way I've done it... saves using the stupid GPO wallpaper setting as well

    You need...

    - folder on the server (sysvol or netlogon ideal) to store the .bgi file and .bmp for the wallpaper
    - exe copied to the C: drive of each computer via script
    - logon script to run it

    So add this as part of your startup script for machines...

    if exist c:\windows\bgibmp goto copyexe
    mkdir c:\windows\bgibmp
    cacls "c:\windows\bgibmp" /E /G "Authenticated Users":F

    :copyexe

    if exist c:\windows\bgibmp\bginfo.exe goto lastbit
    copy "\\domain\sysvol\domain\usersettings\tools\Bginfo. exe" c:\windows\bgibmp /Y

    :lastbit
    exit

    On a logon script assigned to users OU have this bit...

    c:\windows\bgibmp\bginfo.exe /i"\\domain\sysvol\domain\UserSettings\tools\teachp c.bgi" /accepteula /timer:0

    Bit above assumes you domain is called domain and the .bgi file is in usersettings\tools under sysvol. Just change as required

    End result is this...

    Please may you show the what information it shows in a larger image?

    Also how did you setup our wallpapers and icons? are they mandatory profiles?

    thanks

  12. #27

    Join Date
    May 2007
    Location
    Bradford
    Posts
    71
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    16
    dammit! came in this morning and it has stopped working!

    im going to try gshaws way

  13. #28

    Join Date
    May 2007
    Location
    Bradford
    Posts
    71
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    16
    I now have it working for our teaching staff, but not for the student login, very wierd.

    ghsaw, what permisions do the users need on the c:\windows\bgibmp folder?

  14. #29
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,468
    Thank Post
    10
    Thanked 496 Times in 436 Posts
    Rep Power
    113
    Quote Originally Posted by rasssp View Post
    I now have it working for our teaching staff, but not for the student login, very wierd.

    ghsaw, what permisions do the users need on the c:\windows\bgibmp folder?
    Just set the option in the BGI so it puts it in the users profile temporary folder which they have permission to write to.

  15. #30

    Join Date
    May 2007
    Location
    Bradford
    Posts
    71
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    16
    Quote Originally Posted by DMcCoy View Post
    Just set the option in the BGI so it puts it in the users profile temporary folder which they have permission to write to.
    I have that option set in the bgi, but the bginfo.exe is located in c:\windows\bgibmp

    dont think the student login lets bginfo run from the windows folder

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. BGInfo in logon script example?
    By ninjabeaver in forum How do you do....it?
    Replies: 16
    Last Post: 24th August 2007, 12:49 PM
  2. Replies: 18
    Last Post: 19th June 2007, 09:02 AM
  3. BGInfo on logon screen
    By Ric_ in forum Windows
    Replies: 17
    Last Post: 16th September 2006, 01:25 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •