|
|
|||||||
Hi all, i have a strange problem. first of all: My Kixscript has the following features: set wallpaper map networkdrives add printerconnection and make an inventary log from the client History: Year 2010: I have an 2003 AD with Windows 2003 Active Directory Controller I have only Windows XP clients I have 2 kix scripts in 2 GPO´s. 1 for the users and one for the admins the admin ou has no inheritance from the gpo below. so everything is fine Now: i have an 2003 AD with Windows 2008 and Windows 2008 R2 DC´s I have Windows xp and Windows 7 x64 clients I have 2 kix scripts in 2 GPO´s. 1 for the users and one for the admins the admin ou has no inheritance from the gpo below. and now the problem: When i login an user on a Windows XP Client everything´s fine When i login an user on a Windows 7 x64 Client everything´s fine When i login an admin on a Windows XP Client everything´s fine When i login an admin on an Windows 7 x64 Client the Script only add printer connection wallpaper and nothing else. My Network Mappings are missing i can´t get a solution for that. Can anybody help me? EDIT: When i copy the script and wkix and start it lokal on my pc, everything is fine Greetz backfight |
||||||||
|
|
|||||||
Obviously, the script is running but one part is failing. Post the Admin script and we'll take a look at it. Do you use any error checking/reporting in the script? If not, you should add some to indicate the progress through the script - "Cheking group XXX", followed by "member" or "not member"; "Mapping drive X:" followed by @SERROR; etc.. If you don't have this in your script, you can only guess why things don't work. Glenn |
||||||||
|
|
|||||||
hi, thats the admin script: Quote: Break off SetConsole("Hide") ;**************************************************************************** ;Loeschen der Temp Dateien ;**************************************************************************** run "\\***.local\sysvol\***.local\Policies\{81C8A747-9992-4E6D-9BD4-93A7DB5090CB}\User\Scripts\Logon\DelTemp\DelTemp.exe" ;**************************************************************************** ;Set Wallpaper ;**************************************************************************** $RC=WriteValue ('HKCU\Control Panel\Desktop', 'TitelWallpaper', '1', REG_SZ) If @ERROR = 0 ? 'Value written to the registry' Endif $RC=WriteValue ('HKCU\Control Panel\Desktop', 'WallpaperStyle', '2', REG_SZ) If @ERROR = 0 ? 'Value written to the registry' Endif If SetWallpaper ('\\***.local\sysvol\***.local\Policies\{7838F237-5F30-44E8-80BC-75DF5E51EF99}\User\Scripts\Logon\Hintergrundbild\***_Kornfeld.bmp', 1) = 0 ? 'Set current wallpaper to ***.bmp...' Endif ;**************************************************************************** ;Set Uservariablen ;**************************************************************************** SET "temp=C:\temp" SET "tmp=C:\temp" SETTIME "\\SVR" ;**************************************************************************** ;Set Wallpaper ;**************************************************************************** copy "\\***.local\SysVol\***.local\Policies\{7838F237-5F30-44E8-80BC-75DF5E51EF99}\User\Scripts\Logon\BG-Info\Bginfo.exe" "C:\temp\" copy "\\***.local\SysVol\***.local\Policies\{7838F237-5F30-44E8-80BC-75DF5E51EF99}\User\Scripts\Logon\BG-Info\Config.bgi" "C:\temp\" run "C:\temp\Bginfo.exe C:\temp\Config.bgi /timer:0" ;**************************************************************************** ;Set User Ansicht auf Detail ;**************************************************************************** If InStr(@PRODUCTTYPE, "Windows 2000") Or InStr(@PRODUCTTYPE, "Windows XP") run "\\***.local\sysvol\***.local\Policies\{81C8A747-9992-4E6D-9BD4-93A7DB5090CB}\User\Scripts\Logon\Ansicht-Explorer-Details.exe" EndIf ;**************************************************************************** ;Definieren der Server ;**************************************************************************** $fs01="\\..." ... ... ... ;**************************************************************************** ;Verbinden von Netzwerklaufwerken ;**************************************************************************** use "*" /delete ;**************************************************************************** ;Verbinden von Netzwerklaufwerken für die EDV Abteilung ;**************************************************************************** IF InGroup("EDVGruppe") use G: $fs01+"\daten1\benutzer\%username%" ... EndIf ;**************************************************************************** ;Verbinden der Netzwerkdrucker für alle Abteilungen ;**************************************************************************** ;Script Options If NOT @LOGONMODE Break On EndIf Dim $RC $RC=SetOption("Explicit", "On") $RC=SetOption("NoMacrosInStrings", "On") $RC=SetOption("NoVarsInStrings", "On") $RC=SetOption("WrapAtEOL", "On") ;*********** ;Printserver ;*********** Dim $Server $Server="SRV" ... ;**************************************************************************** ;Netzwerkdrucker ;**************************************************************************** Dim $Technik1 $Technik1="NRG_DSm7" ... ;**************************************************************************** ;Verbinden der Netzwerkdrucker für die EDV ;**************************************************************************** If InGroup("EDVGruppe") $RC = AddPrinterConnection("\\"+$Server+"\"+$Technik1) EndIf ;**************************************************************************** ; Hardware Informationen von allen Domain PC´s auslesen ;**************************************************************************** ; Umleitung der Ausgaben auf eine Datei mit Rechnernamen im Dateinamen break on cls dim $result $result=setoption('explicit','on') $result=setoption('novarsinstrings','on') $result=setoption('nomacrosinstrings','on') dim $verzeichnis, $datei, $dimm, $computer $verzeichnis = '\\***\***.local anmeldeberichte\Anmeldungen\' $datei = @Hostname+"_info.txt" if not exist($verzeichnis) ? 'Kann Verzeichnis '+$verzeichnis+' nicht finden' exit 1 endif $result=RedirectOutput ($verzeichnis+$datei ,1) if @error ? 'Error '+@error+' - '+@serror endif ? "Datum der Erfassung = " + @date ? "Monat = " + @MONTH ? "Tag = " + @DAY ? "Uhrzeit = " + @time ? "Letzter Login von = " + @FULLNAME ? "User Privilegien = " + @PRIV ? "PC Name = " + WMIQuery("CSName","Win32_OperatingSystem")[0] ? "IP Adresse = " + @IPADDRESS0 ? "MAC Adresse = " + @ADDRESS ? "OS Name = " + WMIQuery("Caption","Win32_OperatingSystem")[0] ? "Service Pack = " + WMIQuery("CSDVersion","Win32_OperatingSystem")[0] ? "Install Date = " + WMIQuery("InstallDate","Win32_OperatingSystem")[0] ? "OS Version Number = " + WMIQuery("Version","Win32_OperatingSystem")[0] ? "OS Build Number = " + WMIQuery("BuildNumber","Win32_OperatingSystem")[0] ? "Sprache = " + @SysLang ? "Registered User = " + WMIQuery("RegisteredUser","Win32_OperatingSystem")[0] ? "Boot Device = " + WMIQuery("BootDevice","Win32_OperatingSystem")[0] ? "System Device = " + WMIQuery("SystemDevice","Win32_OperatingSystem")[0] ? "Windows Directory = " + WMIQuery("WindowsDirectory","Win32_OperatingSystem")[0] ? "System Directory = " + WMIQuery("SystemDirectory","Win32_OperatingSystem")[0] ? "Last Boot Time = " + WMIQuery("LastBootupTime","Win32_OperatingSystem")[0] ? "OS Serial Number = " + WMIQuery("SerialNumber","Win32_OperatingSystem")[0] ? "System Manufacturer is = " + WMIQuery("Manufacturer","Win32_ComputerSystem")[0] ? "System Model is = " + WMIQuery("Model","Win32_ComputerSystem")[0] ? "System Serial Number is = " + WMIQuery("SerialNumber","Win32_BIOS")[0] ? "System BIOS Version is = " + WMIQuery("SMBIOSBIOSVersion","Win32_BIOS")[0] ? "System BIOS Date is = " + WMIQuery("Version","Win32_BIOS")[0] ? "CPU Modell = " + @CPU ? "CPU Manufacturer: = " + WMIQuery("manufacturer","Win32_Processor")[0] ? "Description: = " + WMIQuery("description","Win32_Processor")[0] ? "CPU Speed is = " + WMIQuery("CurrentClockSpeed","Win32_Processor")[0]+" Mhz" ? "Maximum Clock Speed = " + WMIQuery("maxclockspeed","Win32_Processor")[0]+" Mhz" ? "L2 Cache Size: = " + WMIQuery("l2cachesize","Win32_Processor")[0] ? "L2 Cache Speed: = " + WMIQuery("l2cachespeed","Win32_Processor")[0] ? "Family: = " + WMIQuery("family","Win32_Processor")[0] ? "Level: = " + WMIQuery("level","Win32_Processor")[0] ? "Stepping: = " + WMIQuery("stepping","Win32_Processor")[0] ? "Device ID: = " + WMIQuery("deviceid","Win32_Processor")[0] ? "Unique ID: = " + WMIQuery("uniqueid","Win32_Processor")[0] ? "System Memory = " + cint(Val(WMIQuery("TotalPhysicalMemory","Win32_LogicalMemoryConfiguration")[0])/1024) + " MB" For Each $dimm in WMIQuery("Capacity","Win32_PhysicalMemory") ? "Dimm Size = " + cint(Val($dimm) / 1048576) + " MB" Next ? "Disk Name/s = " + join(WMIQuery("name","Win32_LogicalDisk"),', ') ? "Volume Name = " + join(WMIQuery("volumename","Win32_LogicalDisk"),', ') + " MB" ? "Size = " + join(WMIQuery("size","Win32_LogicalDisk"),', ')+ " MB" ? "File System = " + join(WMIQuery("filesystem","Win32_LogicalDisk"),', ') ? "Free Space = " + join(WMIQuery("freespace","Win32_LogicalDisk"),', ')+" MB" ? "Video Card is = " + WMIQuery("Description","Win32_VideoController")[0] ? "Video Res is = " + WMIQuery("VideoModeDescription","Win32_VideoController")[0] ? "Modem is = " + WMIQuery("Description","Win32_POTSModem")[0] Dim $SO $SO=SetOption('Explicit','On') $SO=SetOption('NoVarsInStrings','On') Dim $RegArray,$Value,$Product,$Key $RegArray = SearchReg("HKLM\Software\Microsoft","DigitalProductID",2) If @Error Else For Each $Value in $RegArray If $Value $Product = ReadValue(Join(Split($value,'<=>DigitalProductId'),''),'ProductName') If $Product $Key = Get_Product_Key(ReadValue(Join(Split($value,'<=>DigitalProductId'),''), 'DigitalProductID')) ? + $Product + ' = ' + $Key ? EndIf EndIf Next EndIf $computer = @wksta ? WMIQuery2("Services on","Win32_Service",$computer) ? WMIQuery2("Processes on","Win32_Process",$computer) $result=redirectoutput('') exit 0 Function SearchReg($Key,$Str,$SrcIn) Dim $Idx,$vName,$Value,$num,$SubKey,$fArr,$mbr $SearchReg = '' $num = 0 $Idx = 0 $vName = EnumValue($Key,$Idx) Do $mbr = '' If $SrcIn & 1 $Value = ReadValue($Key,$vName) If InStr($Value,$Str) $mbr = $Key + "<=>" + IIf($vName,$vName,'<Default>') EndIf EndIf If ($SrcIn & 2) And InStr($vName,$Str) $mbr = $Key + "<=>" + $vName EndIf If $mbr ReDim Preserve $SearchReg[$num] $SearchReg[$num] = $mbr $num = $num + 1 EndIf $Idx = $Idx + 1 $vName = EnumValue($Key,$Idx) Until @Error $Idx = 0 $SubKey = EnumKey($Key,$Idx) While $SubKey If ($SrcIn & 4) And InStr($SubKey,$Str) ReDim Preserve $SearchReg[$num] $SearchReg[$num] = $Key + '\' + $SubKey + "<=><KeyName>" $num = $num + 1 EndIf $fArr = SearchReg($Key + "\" + $SubKey,$Str,$SrcIn) If @Error = 0 For Each $mbr in $fArr ReDim Preserve $SearchReg[$num] $SearchReg[$num] = $mbr $num = $num + 1 Next EndIf $Idx = $Idx + 1 $SubKey = EnumKey($Key,$Idx) Loop Exit VarType($SearchReg) = 8 EndFunction Function Get_Product_Key($sProductID) Dim $aiKeyChars[24],$bProductKey[15],$ilByte,$i,$sCDKey,$nCur $aiKeyChars = Split('B,C,D,F,G,H,J,K,M,P,Q,R,T,V,W,X,Y,2,3,4,6,7,8,9',',') For $i = 0 to 14 $bProductKey[$i] = Val("&"+SubStr($sProductID,$i*2+105,2)) Next $sCDKey = "" For $ilByte = 24 to 0 Step -1 $nCur = 0 For $i=14 to 0 Step -1 $nCur = $nCur * 256 | $bProductKey[$i] $bProductKey[$i] = Int($nCur / 24) $nCur = $nCur Mod 24 Next $sCDKey = $aiKeyChars[$nCur] + $sCDKey If $ilByte Mod 5 = 0 And $ilByte <> 0 $sCDKey = "-" + $sCDKey EndIf Next $Get_Product_Key = $sCDKey EndFunction FUNCTION WMIQuery($sWhat, $sFrom, Optional $sComputer, Optional $sWhere, Optional $x, Optional $root) Dim $sQuery, $objEnum, $sValue, $sItem, $TMP, $SystemSet, $, $objInstance If Not $sComputer $sComputer="." EndIf if instr($sComputer,'\') $sComputer=right($sComputer,instrrev($sComputer,'\')) Endif if not $root $root="\root\cimv2" Endif $sQuery = "Select " + $sWhat + " From "+ $sFrom If $sWhere AND $x $sQuery = $sQuery+" Where "+$sWhere+" = '"+$x+"'" EndIf $SystemSet = GetObject("winmgmts:{impersonationLevel=impersonate}!\\"+$sComputer+$root) If @ERROR Exit VAL("&"+Right(DecToHex(@ERROR),4)) EndIf $objEnum = $SystemSet.ExecQuery($sQuery) If @ERROR Exit VAL("&"+Right(DecToHex(@ERROR),4)) EndIf For Each $objInstance in $objEnum If $objInstance $=Execute("$"+"sValue = $"+"objInstance."+$sWhat) if VarType($sValue) & 8192 For Each $sItem in $sValue $tmp=$tmp+'|'+Trim($sItem) Next else $tmp=$tmp+'|'+Trim($svalue) Endif EndIf Next $WMIQuery = split(substr($tmp,2),'|') Exit VAL("&"+Right(DecToHex(@ERROR),4)) ENDFUNCTION Function WMIQuery2($what,$where,$computer) dim $wmi, $list, $objs, $obj $wmi = GetObject("winmgmts:{impersonationLevel=impersonate}!//" + $computer + "/root/cimv2") $list = "" $objs = $wmi.instancesof($where) For Each $obj in $objs $list = $list + $obj.description + Chr(13) + Chr(10) Next $list=Left($list, Len($list)) ? $what +" "+ $computer + Chr(13) + Chr(10) + $list EndFunction |
||||||||
|
|
|||||||
One of the problems with this kind of script is that it's difficult to add debugging or status info. You show one but I imagine you have several USE statements. You'd need to add diag messages after each one. A better approach would be to create a function to actually map the drive and display any error message that occurred. Then, you'd call the function with the drive letter and UNC path to map as arguments. Something like: Code: DoMapDrive('G:', '\\server\share' Function DoMapDrive($_Drv, $_Path) Use $_Drv $_Path If @ERROR 'DoMapDrive:' + $_Drv + ' ' + $_Path + ':' + @SERROR + @CRLF Exit @ERROR EndIf Exit 0 EndFunction I just worked with a client on a similar problem, using our commercial login script. Because we used a function to map the drives, we could dump a diagnostic report that reported that the PC could not validate the groups. That led to a determination that the secure channel for the PC was corrupt. Point is - the error messages from the login process played a key part in problem identification. Without them, you're just guessing. Glenn |
||||||||
|
|
|||||||
Hi Glenn, i´m sorry but i´m not a gifted programmer. Can you show me how to implement the error checking in my script? For me it is very difficult :-/ Greetz backfight |
||||||||
|
|
|||||||
GPO script and mapping drives, smells like UAC to me. You have a couple of options... Disable UAC Run the Unsupported RegHack - http://support.microsoft.com/kb/937624 "Important This workaround may make your system unsafe. Microsoft does not support this workaround. Use this workaround at your own risk." Use something like RunAsInteractiveUser() - http://www.kixtart.org/forums/ubbthreads...true#Post198514 If you choose to use RunAsInteractiveUser() I would be most appreciative of knowing your outcome/results. |
||||||||
|
|
|||||||
Hi, You are a genius!!! Your Microsoft URL and this blog: Blog solved the problem THX!!! |
||||||||
|
|
|||||||
This is the translated version of the link provided above... I'm assuming he went with disabling UAC. Quote: Windows 7 and Windows Vista provide the UAC (User Account Control), which is sometimes erroneously referred to as User Access Control, a security feature that many a user can drive you crazy. Especially companies secure their networks and clients from as far that UAC is useless and can be disabled. In addition to the manual disabling of each client individually, giving the change via the registry is also a way to make this in a domain using GPO. The domain level but it must be at least 2008. First you need to create a machine policy. Edit that and go to Policy - Windows Settings - Security Settings - Local Policies - Security Options Sort the rules by name. The guidelines of the User Account Control can be seen now at the top. Now set the following options: All administrators in Admin Approval Mode Run - Disabled Detect application installations and prompt for elevation - Disabled Behavior of the rights request prompt hillside without secure desktop - Elevate without prompting Their domain in the English language is not installed, the settings as follows: Run all administrators in Admin Approval Mode - Disabled Detect application installations and prompt for elevation - Disabled Behavior of the elevation prompt for administrators - Elevate without prompting |
||||||||
|
|
|||||||
Hi all, i have another problem that seems to be a problem like the Networkmappings. I have a Windows 2008 R2 Print Server In my loginscript is a part to add these printer from this print server But the connection add doesn´t work When i use a windows 2003 print Server with 32 bit drivers everything is fine. Do u have an solution for that? Greetz Backfight |
||||||||
|
|
|||||||
EDIT: In my script was a bug. Sorry. I´ve forgotten to enter the printserver name :-) Now everything works fine |
||||||||
|
|
|||||||
Small things have big impact and it are always the small things that get overlooked. Great that you got it running. |