Startup script trouble with group policy

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Cheers Andrew, thats what I did do on the install on the remote PC. I'm gona have a go here sunday on my test lab.

Shall I make a Jakamoko comment here .......

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Whaddaya mean ??? I'm angry tonight - don't make it worse for yourself

 

Do make him angry.....you wouldnt like him when he's angry

 

Sit down, shut up and suck your thumb.






Did that make you angry? Sorry Gav

 

Dont you look at me in that tone of voice, sitting down at the corner of a round table, eating vinegar with a knife and fork, get a shovel and sweep up

 

<spoken in quite, level tones>:

Armadillos do not have opposable digits, therefore sucking of the thumb would clearly be impossible.

 

Won't catch many of them around CertForums I'll make sure of it... :P

 

Oy, Jak, don't start dragging us down to your level we aren't all evil armadillos you know :P

Andrew, your post didn't come across badly so no offence taken at all, I'm not about to take my ball home If you install a network printer under one user account on a w2k machine that printer is usually only available to that user. To install a driver for a network printer manually all you have to do is browse to the machine that acts as the print server for that printer, find the printer, right click on it and select connect. W2k sets up the printer for you, it drags down the drivers and configures it for you, no messing about with ports and so on.

The way I was describing in my last post would install the printer to the machines rather than the users, so whoever logged in in a classroom would get the classroom printer. I'm not sure why si's script isn't working but I suspect the startup script is too early in the boot process to be assigning network printers, could be wrong tho.

 

That was my thoughts, as the script runs ok from the desktop. I'm going to try and recreate it at home and see if I can sort it out over the weekend.

Boy I bet you love my threads :roll:

 

Andrew, I'm not trying to cause any offence and I'm sorry if I have. We're obviously talking about 2 different methods of printing. The way you're describing each PC prints directly to the printer from it's own queue on the PC, the way I'm describing attaches each PC to a centrally managed print queue. Installing the driver locally to print direct to the printer will have the driver available to all users, connecting to a server queue will only have the printer available to the user it was installed under. We use ghosted builds as well but they don't include any print drivers, they get installed when the user logs in and depending who the user is they get different print queues configured.

I'm afraid I have a pathological hate of installing drivers on each machine, spent way too long as a mobile technician traipsing from site to site just installing the b&^*£y things. If I can possibly help it network management is done from the comfort of my office with as little contact with users as possible, otherwise they start asking you weird questions about excel every time you turn up at their desk.

 

Si this has caught my attention because I have a training room and hotdesks that could do with a particular printer adding to them regardless of who logged on so I've played around with this in vmware this afternoon.

Expanding on the method I mentioned earlier, rather than putting the computers in groups move them into OU groupings based on classrooms or however you have the printing organised.

Create a group policy in, for instance, the classroom1 OU,

set security so that it applies to domain computers,

edit the policy and add your script in to the users logon script ,

in the same policy go to Computer Configuration/Administrative Templates/System/Group Policy and enable the User Group Policy Loopback Processing mode setting.


When users log on to those PC's they will get the classroom printer.

 

@Andrew, sorry I missed your last while posting to Si.

With roaming profiles you could add a couple of lines to the script so that it clears out any other printers before attaching the classroom they're in.

As far as filtering the PC's down to classrooms in the Group Policies is concerned you could do it a couple of ways. There's the way I described to si where you create an OU for each classroom and place the computer accounts into their respective OU's then apply a GPO to each OU. Alternatively you could have all the computer accounts in one OU and have security groups for each classroom with the computers as members of their respective groups, you then have a GPO for each classroom in that one OU and only apply the policy to the relevant group. This all depends on your existing AD design.

The key to it all is the loopback setting, if you don't enable that the scripts don't run.

The advantage to having central queues is that you can mange the printers, who has access to them and when they have access to them. For instance we have a colour printer at work that has restricted access to managers and training, if that weren't in place we'd have everybody printing off the latest amusing pictures they had sent to them which managed to slip past the mailsweepers. Also if that printer breaks down for whatever reason you can easily point the queue to another printer or replacement printer without having to trail round every machine and point them to the new printer.

 

I have the Computer accounts set out like this, each classroom in an OU. Thats why I tried the startup script. I did try the user config logon script but it didnt run.

So let me get this straight, if I set the user configuration/windows settings/ logon script to my script and also enable the User Group Policy Loopback Processing mode setting, in merge mode so other GP setting dont get messed with then this will work?

If so Phil, YOU THE MAN. I dont have time to try this out tonight but may be able to test it tommorow.

Si

 

Andrew, as you know scripting isn't taught as part of the MCSE it's just something you pick up along the way. Can you programme with Basic ? if so you could be writing VBscripts in no time, the structures and logic are just the same so the rest is just syntax. The beauty of it is you can do so much in a windows 2000 network with a little script, I've written one recently which is run when you put out a new PC or move a PC, it just asks you for the desk number the PC is going on and it will update the asset database for you with Asset No, IP, Mac, Serial No, port no, switch no and so on, doesn't half save a lot of messing about writing on scraps of paper and entering the details into a database by hand. With it being simple my records are that much more accurate because people don't forget to update records (me mostly ). Another example is you can start up or shut down PC's remotely with a couple of very short and simple scripts, the implications of this are that overnight you could wake up a load of PC's, roll out some update or other and then shut them down again all without leaving the comfort of your chair, or even being there if you ran the script as a scheduled task. Sorry, just getting a bit over-enthusiastic there, as a mate of mine tells me from time to time, my propellar started spinning (I can't help it, I like my Job) So back to your questions.

The user sees no difference to the printing process except the printer name would be something on the lines of "HP laserjet on Dataserver", you are adding more group policies and so in theory more load on the network but pushing the the drivers out to the machines only takes a couple of seconds and once that is done they won't need to be again. you don't notice any slow down at login in other words.