can't get user to excute on a logon script, administrator is o.k.

T

Thomas

I am trying to run a script in grouppolicy from a local Xp professional
machine and send a log to the windows 2000 server.If I redirect the log to
the server as administrator all is o.k. the path: It's a one liner entry
%logonPC%...%date%...%time%...%username%
\\computername\admin$\system32\shhs\logs\%rm-pc%%use-r%\5rm-pc%5fn-04%" The
Click to expand...
username records as (administrator %username%) The administrator logon
executes and writes to the log file o.k. but the user logon will not
execute. I am not sure how to setup the path for a user and give the proper
permission I read "Domain User" group with write permission on the log file.
Try that and does not help. Event Id:1054 and Netdiag won't run wants
"dnsapI.dll, which I unsuccessfully tried to refresh from the i386 folder in
safemode. Any help would be appreciated. Thank you Jerry
 
J

Jerold Schulman

I am trying to run a script in grouppolicy from a local Xp professional
machine and send a log to the windows 2000 server.If I redirect the log to
the server as administrator all is o.k. the path: It's a one liner entry
%logonPC%...%date%...%time%...%username%
username records as (administrator %username%) The administrator logon
executes and writes to the log file o.k. but the user logon will not
execute. I am not sure how to setup the path for a user and give the proper
permission I read "Domain User" group with write permission on the log file.
Try that and does not help. Event Id:1054 and Netdiag won't run wants
"dnsapI.dll, which I unsuccessfully tried to refresh from the i386 folder in
safemode. Any help would be appreciated. Thank you Jerry
Click to expand...

A user cannot write to an Administrative share (Admin$).
Why not create a share and grant users read and write on the file system and atleast Read and Write
on the share.

Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
http://www.jsifaq.com
 
T

Thomas

Reply to:
Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
http://www.jsifaq.com
Click to expand...

I am not educated with the likes and dislikes of Group Policy running
scripts. The goal is to capture all logon.etc. "Everyone" who logs on
registers to <somewhere.txt>; via GroupPolicy
(logon),(logoff),(startup),(shutdown).[echo
%computername%...%date%...%time%...%shutdown%...%username% >>
<somewhere.txt>] Everyone includes local and domain logon.etc. I was under
the impression that Group Policy was and administrators tool and would write
to an Administrator file, It does, but when a %username% is not a
Administrator it [echo %username%]does an: "Access Deny" message in the dos
window during testing, and when logging on with Group Policy enabled for the
script refuses to write.



If it has to be a share then the batch will either copy it to the
Administrator only folder and delete the user file synchronously. Optionally
the <somewhere.txt> can reside locally (preferred) and copy to the server
administrator only folder on the server. The purpose is to take advantage of
Group Policy log/start/shut features. Offline files works with any user
just great; logging on and off, expected the same concept using Group
Policy.............Thank you for you help. Jerry
 
J

Jerold Schulman

Reply to:
Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
http://www.jsifaq.com
Click to expand...

I am not educated with the likes and dislikes of Group Policy running
scripts. The goal is to capture all logon.etc. "Everyone" who logs on
registers to <somewhere.txt>; via GroupPolicy
(logon),(logoff),(startup),(shutdown).[echo
%computername%...%date%...%time%...%shutdown%...%username% >>
<somewhere.txt>] Everyone includes local and domain logon.etc. I was under
the impression that Group Policy was and administrators tool and would write
to an Administrator file, It does, but when a %username% is not a
Administrator it [echo %username%]does an: "Access Deny" message in the dos
window during testing, and when logging on with Group Policy enabled for the
script refuses to write.



If it has to be a share then the batch will either copy it to the
Administrator only folder and delete the user file synchronously. Optionally
the <somewhere.txt> can reside locally (preferred) and copy to the server
administrator only folder on the server. The purpose is to take advantage of
Group Policy log/start/shut features. Offline files works with any user
just great; logging on and off, expected the same concept using Group
Policy.............Thank you for you help. Jerry
Click to expand...

Your previous <someplace.txt> was "\\computername\admin$\system32\shhs\logs\%rm-pc%%use-r%\5rm-pc%5fn-04%"
and I simply stated that you can't use admin$ for a normal user.

Create a share on \\ComputerName, like Info and use
"\\ComputerName\Info\%rm-pc%%use-r%\5rm-pc%5fn-04%"
Makining sure that everyone had read and write to the share and folder on \\Computername.

Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
http://www.jsifaq.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Is there a command/script to allow for auto logon during startup? 4
how to tell if it is a local user account or domain user account? 3
Trying to add my first user... 0
Is there a way to get caller environment variables from Reflection? 1
Is there a way to make the user name 'administrator' always appear on the 'Welcome Screen'? 3
WTD: Nvidia Videocard for 4x AGP Slot 0

Top