Announcement

Collapse
No announcement yet.

Search for Group Policy Scripts or Determine what scripts are running at logon

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Search for Group Policy Scripts or Determine what scripts are running at logon

    Hi all,

    I'm new here so please go easy on me.

    I'm only really getting into Active Directory but I'm pretty good at scripting batch and VBS scripts.

    For the longest time I've been just adding to one script and calling other scripts from it. and the script seems to be run through group policy but also in the profile tab under logon script for older NT machines etc. Now that we've finally eradicated all NT machines (I know, I know!) - we just have 2000 and XP machines, I turned off the NT version but we're still having trouble lately where the logon script is running twice. I have an idea that it's two separate group policies running the same script.

    Anyway, I've tried gpresult and gpresult /Z and it won't tell me which logon scripts are running from each policy (even though it does tell startup and shutdown scripts). I could go through them all but it would take me ages (there are loads of them) - so does anybody know of a tool / script that could tell me what AD scripts are running at logon and from which policies they come from?

    Either that or is there a way to search group policy management for a specific script rather than just policies that have scripts?

    Any help on this issue would be much appreciated

  • #2
    Re: Search for Group Policy Scripts or Determine what scripts are running at logon

    Are you running gpresults for a specific machine and a specific user? If so, it should show you what scripts are being run via group policy.

    Comment


    • #3
      Re: Search for Group Policy Scripts or Determine what scripts are running at logon

      Yes I tried running it for a specific user on my own machine and it still only listed startup and shutdown scripts

      Comment


      • #4
        Re: Search for Group Policy Scripts or Determine what scripts are running at logon

        Even running rsop.msc on XP box will tell you that what all the scripts (logon/startup)/(logoff/shutdown) are getting applied to respective user or machine..

        If the result shows the script twice then it will run twice only but you will be able to find the source..
        Kapil Sharma
        ~~~~~~~~~~~~~
        Life is too short, Enjoy It.

        Comment


        • #5
          Re: Search for Group Policy Scripts or Determine what scripts are running at logon

          Go to one of the desktops where the script is running twice and then:

          Run gpresult in verbose mode, make a note of every GPO assigned for the computer and user

          Look into each one of these GPOs using GPMC to see which ones are running logon scripts.

          A script will only run from a GPO assigned to that computer or user so it should be fairly easy to pin down.

          Hanley

          Comment


          • #6
            Re: Search for Group Policy Scripts or Determine what scripts are running at logon

            dont forget about GPMC GPO modeling, its a very useful tool for seeing the results of any user in any OU with any membership.
            as long asy ou have GPM installed its down the bottem left of the screen.

            Comment


            • #7
              Re: Search for Group Policy Scripts or Determine what scripts are running at logon

              very interesting abt the responses. and it works by using rsop.msc we can easily track the GPO

              Comment


              • #8
                Re: Search for Group Policy Scripts or Determine what scripts are running at logon

                Thread moved to the 'GPO forum' by Moderator


                Originally posted by thedavil View Post
                For the longest time I've been just adding to one script and calling other scripts from it. and the script seems to be run through group policy but also in the profile tab under logon script for older NT machines etc. Now that we've finally eradicated all NT machines (I know, I know!) - we just have 2000 and XP machines, I turned off the NT version but we're still having trouble lately where the logon script is running twice. I have an idea that it's two separate group policies running the same script.

                Anyway, I've tried gpresult and gpresult /Z and it won't tell me which logon scripts are running from each policy (even though it does tell startup and shutdown scripts). I could go through them all but it would take me ages (there are loads of them) - so does anybody know of a tool / script that could tell me what AD scripts are running at logon and from which policies they come from?
                Manually search:
                Open Windows Explorer and browse to the Policies folder in the Sysvol folder (\\domain.local\sysvol\domain.local\Policies)
                Right click the Policies folder an select Search...
                => File name: SCRIPTS.INI
                => Phrase in file: CmdLine=
                OR...,
                Either that or is there a way to search group policy management for a specific script rather than just policies that have scripts?
                => Phrase in file: name of the script

                In the "Scripts.ini" files found, you see the name and location of the scripts that are configured in this GPO. The parent folder also tels if it is are Machine (Startup or Shutdown)-scripts or User (Logon or logoff)-scripts.
                In the root of each found policy directory (foldername is the GUID of the GPO) there is this "GPT.INI" file were you can read the display name of this policy from.

                (the search probably can also be done by vbs or powershell script, I don have a sample right now but I m sure samples can also be found on the internet)


                Note that GPO's can be processed twice if you have configured Loopback Processing! consequently causing scripts to be launched twice as well.
                If loopback processing is running in Merge Mode the list of GPOs for the computer is added to the user's list.
                In this mode, when the user logs on, the user's list of GPOs is typically gathered by using the GetGPOList function.
                The GetGPOList function is then called again by using the computer's location in Active Directory.
                The list of GPOs for the computer is then added to the end of the GPOs for the user. This causes the computer's GPOs to have higher precedence than the user's GPOs. However, this also causes policies and, for this case, logonscripts that were configured to the GPO that is linked to the OU of the computer to run twice


                Note 2:
                Make sure that the Logon script specified on the "Profile" tab of the user properties dialog in the Active Directory Users and Computers MMC are all cleared!
                Because if a user logs on to a computer with Windows 2000 or above, both, GPO logonscripts and User properties Logon scripts will run.


                \Rems
                Last edited by Rems; 22nd November 2009, 15:08.

                This posting is provided "AS IS" with no warranties, and confers no rights.

                __________________

                ** Remember to give credit where credit's due **
                and leave Reputation Points for meaningful posts

                Comment

                Working...
                X