Startup script trouble with group policy

Discussion in 'Windows Server 2003 / 2008 / 2012 / 2016' started by SimonV, Nov 13, 2003.

  1. SimonV
    Honorary Member

    SimonV Petabyte Poster

    6,652
    179
    258
    Cheers Andrew, thats what I did do on the install on the remote PC. I'm gona have a go here sunday on my test lab.


    Shall I make a Jakamoko comment here :daz ....... :offtopic :tune
     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  2. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,924
    74
    229
    Whaddaya mean ??? I'm angry tonight - don't make it worse for yourself
    :evil:
     
    Last edited by a moderator: Jan 2, 2015
    Certifications: MCP, A+, Network+
    WIP: Clarity
  3. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    Do make him angry.....you wouldnt like him when he's angry :D
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  4. SimonV
    Honorary Member

    SimonV Petabyte Poster

    6,652
    179
    258
    Sit down, shut up and suck your thumb.






    Did that make you angry? Sorry Gav :offtopic
     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  5. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    Dont you look at me in that tone of voice, sitting down at the corner of a round table, eating vinegar with a knife and fork, get a shovel and sweep up
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  6. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,924
    74
    229
    <spoken in quite, level tones>:

    Armadillos do not have opposable digits, therefore sucking of the thumb would clearly be impossible.

    :shades
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  7. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,904
    171
    221
    Now, now ladies, handbags down! :-o

    It's time for all clean living people to retire until the morning and then start the day afresh.

    Me, another beer and I'll see what happens :twisted:

    LOL

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  8. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,924
    74
    229
    Won't catch many of them around CertForums :!: I'll make sure of it... :P
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  9. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,904
    171
    221
    Do you mean that all of us have been tainted by the Jakamoko effect (I believe that a Noble Prize could be in the offering) (either that or a new episode of Star Trek) :eek: :eek: :eek: :eek:

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  10. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Oy, Jak, don't start dragging us down to your level we aren't all evil armadillos you know :P

    Andrew, your post didn't come across badly so no offence taken at all, I'm not about to take my ball home :) If you install a network printer under one user account on a w2k machine that printer is usually only available to that user. To install a driver for a network printer manually all you have to do is browse to the machine that acts as the print server for that printer, find the printer, right click on it and select connect. W2k sets up the printer for you, it drags down the drivers and configures it for you, no messing about with ports and so on.

    The way I was describing in my last post would install the printer to the machines rather than the users, so whoever logged in in a classroom would get the classroom printer. I'm not sure why si's script isn't working but I suspect the startup script is too early in the boot process to be assigning network printers, could be wrong tho.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  11. SimonV
    Honorary Member

    SimonV Petabyte Poster

    6,652
    179
    258
    That was my thoughts, as the script runs ok from the desktop. I'm going to try and recreate it at home and see if I can sort it out over the weekend.

    Boy I bet you love my threads :roll:
     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  12. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,904
    171
    221
    HOWEVER if you install the printer driver under the local administrators account it will be available to all userswhen they logon. Well that's how we do it anyway.

    Normally if we are installing a whole classroom all of the pc's are ghosted with the printer drivers as part of the image.

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  13. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    :cheers Andrew, I'm not trying to cause any offence and I'm sorry if I have. We're obviously talking about 2 different methods of printing. The way you're describing each PC prints directly to the printer from it's own queue on the PC, the way I'm describing attaches each PC to a centrally managed print queue. Installing the driver locally to print direct to the printer will have the driver available to all users, connecting to a server queue will only have the printer available to the user it was installed under. We use ghosted builds as well but they don't include any print drivers, they get installed when the user logs in and depending who the user is they get different print queues configured.

    I'm afraid I have a pathological hate of installing drivers on each machine, spent way too long as a mobile technician traipsing from site to site just installing the b&^*£y things. If I can possibly help it network management is done from the comfort of my office with as little contact with users as possible, otherwise they start asking you weird questions about excel every time you turn up at their desk.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  14. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,904
    171
    221
    You know what Phil, I think you're right. Same end result eg printed document but a different way of getting there. This is the method that the school have always used and as this is my first IT job, I haven't seen the way that dedicated print servers work. If I may ask, how does this work with roaming profiles. AS the kids and teachers move around the school, they would need access to a variety of different printers in different deptartments and to only print to printers in those depts.

    I'm the same as you, I like staying away from users (esp teachers) as they always think of something they want doing.

    Cheers

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  15. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Si this has caught my attention because I have a training room and hotdesks that could do with a particular printer adding to them regardless of who logged on so I've played around with this in vmware this afternoon.

    Expanding on the method I mentioned earlier, rather than putting the computers in groups move them into OU groupings based on classrooms or however you have the printing organised.

    Create a group policy in, for instance, the classroom1 OU,

    set security so that it applies to domain computers,

    edit the policy and add your script in to the users logon script ,

    in the same policy go to Computer Configuration/Administrative Templates/System/Group Policy and enable the User Group Policy Loopback Processing mode setting.


    When users log on to those PC's they will get the classroom printer.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  16. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    @Andrew, sorry I missed your last while posting to Si.

    With roaming profiles you could add a couple of lines to the script so that it clears out any other printers before attaching the classroom they're in.

    As far as filtering the PC's down to classrooms in the Group Policies is concerned you could do it a couple of ways. There's the way I described to si where you create an OU for each classroom and place the computer accounts into their respective OU's then apply a GPO to each OU. Alternatively you could have all the computer accounts in one OU and have security groups for each classroom with the computers as members of their respective groups, you then have a GPO for each classroom in that one OU and only apply the policy to the relevant group. This all depends on your existing AD design.

    The key to it all is the loopback setting, if you don't enable that the scripts don't run.

    The advantage to having central queues is that you can mange the printers, who has access to them and when they have access to them. For instance we have a colour printer at work that has restricted access to managers and training, if that weren't in place we'd have everybody printing off the latest amusing pictures they had sent to them which managed to slip past the mailsweepers. Also if that printer breaks down for whatever reason you can easily point the queue to another printer or replacement printer without having to trail round every machine and point them to the new printer.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  17. SimonV
    Honorary Member

    SimonV Petabyte Poster

    6,652
    179
    258
    I have the Computer accounts set out like this, each classroom in an OU. Thats why I tried the startup script. I did try the user config logon script but it didnt run.

    So let me get this straight, if I set the user configuration/windows settings/ logon script to my script and also enable the User Group Policy Loopback Processing mode setting, in merge mode so other GP setting dont get messed with then this will work?

    If so Phil, YOU THE MAN. I dont have time to try this out tonight but may be able to test it tommorow.

    Si :D
     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  18. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,904
    171
    221
    I do have to adimt that you guys have lost me now. I have not had to deal with VB scripts before and therefore am feeling pretty humble at the mo due to greater knowledge.
    It is OK learning an exam qualification from a book, that's how I did it, than if you are in the industry.

    What does the user see when they jut click on "Print" using his method rather than the way we do it?

    Are you going down the route of more Group Policies and slowing the whole networik down.

    I would like to add that our School is looking at using an application from a company called ACKER (not sure of the spelling) I'll post he web address later.

    Their system uses W2K network and does everything that Phil wason about. We have had a demo, it is geared towards schools, it is exactly what school need.

    It will load apps, unload as req. move printers and everything else. The say that nothing is proprietry and all is based od Win2K AD.

    Also, Phil, what does the client see using your method when they click print. I'm sorry if this seems obvious, but if you've never seem it then???
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  19. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Andrew, as you know scripting isn't taught as part of the MCSE it's just something you pick up along the way. Can you programme with Basic ? if so you could be writing VBscripts in no time, the structures and logic are just the same so the rest is just syntax. The beauty of it is you can do so much in a windows 2000 network with a little script, I've written one recently which is run when you put out a new PC or move a PC, it just asks you for the desk number the PC is going on and it will update the asset database for you with Asset No, IP, Mac, Serial No, port no, switch no and so on, doesn't half save a lot of messing about writing on scraps of paper and entering the details into a database by hand. With it being simple my records are that much more accurate because people don't forget to update records (me mostly :) ). Another example is you can start up or shut down PC's remotely with a couple of very short and simple scripts, the implications of this are that overnight you could wake up a load of PC's, roll out some update or other and then shut them down again all without leaving the comfort of your chair, or even being there if you ran the script as a scheduled task. Sorry, just getting a bit over-enthusiastic there, as a mate of mine tells me from time to time, my propellar started spinning :) (I can't help it, I like my Job) So back to your questions.

    The user sees no difference to the printing process except the printer name would be something on the lines of "HP laserjet on Dataserver", you are adding more group policies and so in theory more load on the network but pushing the the drivers out to the machines only takes a couple of seconds and once that is done they won't need to be again. you don't notice any slow down at login in other words.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  20. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,904
    171
    221
    Cheers Phil, you are right, scripting I am not familiar with. not unless it is the same as when we had a Commador Pet 64. You are right though, perhaps scriptng should be a part of the course. Not done it before and I think I am now missing out on something. Do you have any suggestions on how to learn this skill.

    Your script really sounds like the way we should be going for complete AD integration.

    TAL

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.