PowerShell logon script with function parameters

Hi,
I've made file, something.ps1, that has to functions: Set-Something and Remove-Something. Unless necessary I will not explain what they do (though the names should provide the gist of it).
These functions can be run successfully with the commands.
Set-Something -Path "C:\Path\To\Somtehing"Remove-Something -Path "C:\Path\To\Somtehing"
I'm trying to implement these as logon and logof in GPO. What i set for example in logon is:
Tab: PowerShell
Name: "C:\Scripts\something.ps1"
Parameters: "Set-Something -Path 'C:\Path\To\Something'"
This does not work. Why?
PS: I can get it to work with adding the following to the end of the script, and run it without parameters at login.
Set-Something -Path 'C:\Path\To\Something'
But that isn't what I'm trying to do, because that means I will have to create one script for logon and one for logoff. I wish I want to run the same script, but different functions at logon and logoff.

Hi,
Check the following points,
- Check the availability of your PowerShell scripts in the netlogon share - \\Server\NETLOGON
- Check whether the GPO is linked to the OU containing users, because GPO with logon script need to assigned for scope with users, where as  GPO with startup script need to be assigned for scope with computers.
- To confirm whether GPO settings are applied - run gpresult from command prompt.
- To force the GPO settings - run gpupdate /force from command prompt.
- Then logoff and login again to check the status.
Regards,
Gopi
JiJi
Technologies

Similar Messages

  • GP logon script with PowerShell

    We have a Windows Server 2012 domain and would like to create a GP logon script with PowerShell.
    So if you execute the .ps1 file, the specified logon script settings (including parameters) would be applied automatically in the GP.
    Any idea of such command line?

    Thanks for the tips!
    May not be the easiest solution, but it works:
    I created a backup of the GPO set fully graphical interface, and I've copied ps1 file in the same folder.
    #Start
    #Create GPO
    $gponame = "Program_AutoStart"
    Write-Host ""
    $ou = Read-Host "What is your Organisational Unit name?"
    Write-Host ""
    $enforce = Read-Host "Do you want enforce Group Policy link? (Yes/No)"
    $dc1 = $env:userdnsdomain
    $dc1length = $env:userdnsdomain.Length
    $dc1s = $env:userdnsdomain.Split(".")
    $dc1count = $dc1s[$dc1s.Count-1].Length+1
    $dc1max = $dc1length-$dc1count
    $dc1 = $dc1.Substring(0,$dc1max)
    $dc2 = $env:userdnsdomain.Split(".")
    $dc2 = $dc2[$dc2.Count-1]
    Write-Host ""
    Write-Host -Object "Create a new Group Policy Object..."
    #replace GPO settings
    ##backup.xml file
    $backupFilePath = ".\backup\{2F708EB2-F154-4739-8F6D-1F16C954649C}\Backup.xml"
    $content = Get-Content -path $backupFilePath
    $content | foreach { $_.Replace("mydomainname","$env:userdnsdomain") } | Set-Content $backupFilePath
    $content = Get-Content -path $backupFilePath
    $content | foreach { $_.Replace("mycomputername","$env:COMPUTERNAME") } | Set-Content $backupFilePath
    $content = Get-Content -path $backupFilePath
    $content | foreach { $_.Replace("mynetbiosname","$env:userdomain") } | Set-Content $backupFilePath
    ##backup.xml file
    $bkupinfoFilePath = ".\backup\{2F708EB2-F154-4739-8F6D-1F16C954649C}\bkupinfo.xml"
    $content = Get-Content -path $bkupinfoFilePath
    $content | foreach { $_.Replace("mydomainname","$env:userdnsdomain") } | Set-Content $bkupinfoFilePath
    $content = Get-Content -path $bkupinfoFilePath
    $content | foreach { $_.Replace("mycomputername","$env:COMPUTERNAME") } | Set-Content $bkupinfoFilePath
    $content = Get-Content -path $bkupinfoFilePath
    $content | foreach { $_.Replace("mynetbiosname","$env:userdomain") } | Set-Content $bkupinfoFilePath
    ##gpreport.xml file
    $gpreportFilePath = ".\backup\{2F708EB2-F154-4739-8F6D-1F16C954649C}\gpreport.xml"
    $programexe = "$env:logonserver\$share\My_Program\program.exe"
    $content = Get-Content -path $gpreportFilePath
    $content | foreach { $_.Replace("mycommand","$programexe") } | Set-Content $gpreportFilePath
    Write-Host ""
    $parameters = Read-Host "Add your parameters"
    $content = Get-Content -path $gpreportFilePath
    $content | foreach { $_.Replace("myparameters","$parameters") } | Set-Content $gpreportFilePath
    ##scripts.ini file
    $gpreportFilePath = ".\backup\{2F708EB2-F154-4739-8F6D-1F16C954649C}\DomainSysvol\GPO\User\Scripts\scripts.ini"
    $content = Get-Content -path $gpreportFilePath
    $content | foreach { $_.Replace("mycommand","$programexe") } | Set-Content $gpreportFilePath
    $content = Get-Content -path $gpreportFilePath
    $content | foreach { $_.Replace("myparameters","$parameters") } | Set-Content $gpreportFilePath
    #Import GPO and link
    Write-Host ""
    Write-Host -Object "Import Group Policy settings..."
    Import-GPO -BackupGpoName "$gponame" -TargetName "$gponame" -Path ".\backup" -CreateIfNeeded
    New-GPLink -Name "$gponame" -target "ou=$ou,dc=$dc1,dc=$dc2" -Enforced $enforce -LinkEnabled Yes
    #Replace undo
    ##backup.xml file
    $content = Get-Content -path $backupFilePath
    $content | foreach { $_.Replace("$env:userdnsdomain","mydomainname") } | Set-Content $backupFilePath
    $content = Get-Content -path $backupFilePath
    $content | foreach { $_.Replace("$env:COMPUTERNAME","mycomputername") } | Set-Content $backupFilePath
    $content = Get-Content -path $backupFilePath
    $content | foreach { $_.Replace("$env:userdomain","mynetbiosname") } | Set-Content $backupFilePath
    ##backup.xml file
    $content = Get-Content -path $bkupinfoFilePath
    $content | foreach { $_.Replace("$env:userdnsdomain","mydomainname") } | Set-Content $bkupinfoFilePath
    $content = Get-Content -path $bkupinfoFilePath
    $content | foreach { $_.Replace("$env:COMPUTERNAME","mycomputername") } | Set-Content $bkupinfoFilePath
    $content = Get-Content -path $bkupinfoFilePath
    $content | foreach { $_.Replace("$env:userdomain","mynetbiosname") } | Set-Content $bkupinfoFilePath
    ##gpreport.xml file
    $content = Get-Content -path $gpreportFilePath
    $content | foreach { $_.Replace("$programexe","mycommand") } | Set-Content $gpreportFilePath
    $content = Get-Content -path $gpreportFilePath
    $content | foreach { $_.Replace("$parameters","myparameters") } | Set-Content $gpreportFilePath
    ##scripts.ini file
    $content = Get-Content -path $gpreportFilePath
    $content | foreach { $_.Replace("$programexe","mycommand") } | Set-Content $gpreportFilePath
    $content = Get-Content -path $gpreportFilePath
    $content | foreach { $_.Replace("$parameters","myparameters") } | Set-Content $gpreportFilePath
    #End

  • Logon Script with Credential

    Hello everybody.
    Let me explain my problem. 
    I have a Powershell shell Logon Script for a Domain user without privileges that has to:
    Run IE as Domain user.
    When user close al IE open windows, Script have to make some process as soon as finish, script run again IE.
    The user that run the script doesn’t have any kind of access to the any drive and doesn’t have any access to any app or windows config setting, he has only access to IE through Powershell Logon Script, no more.
    I gave to user privileges as a part of the operating system through GPO.
    Well, let me show you the script before continue with the explanation: 
    Function fCredenciales([String]$FileTXT, [String]$UserIE)
                   $UsIE1       = Get-Credential -Credential $UserIE 
                  $SecureIE  = $UsIE1.Password
                   $BytesIE    = ConvertFrom-SecureString $SecureIE
                   $BytesIE   | Out-File $FileTXT
    #                     SCRIPT                              
    $Folder  = "C:\Cred"
    $FileIE   = $Folder + "\IE.txt"
    $UsIE     = "Domain\User"
    If(-Not (Test-Path $Folder))
                   New-Item $Folder -Type Directory
                    fCredenciales $FileIE $UsIE
    If (-Not (Test-Path $FileIE))
                   fCredenciales $FileIE $UsIE
    $UsIETxt   = Get-Content $FileIE | ConvertTo-SecureString
    If ($UsIETxt -eq $Null)
                   fCredenciales $FileIE $UsIE
    $UsuarioIE      = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $UsIE, $UsIETxt
    $MyNetwork    = Get-WMIObject Win32_NetworkAdapterConfiguration -ComputerName LocalHost | Where-Object { $_.IPAddress -ne $null } # | Select-Object IPAddress
    $MyIPAddress = $MyNetwork.IPAddress[0]
    $URL                   = "https://www.mywebpage.com/?qwerty="
    + $MyIPAddress + " -private"
    $IE                       = "C:\Program Files\Internet Explorer\iexplore.exe"
    While ($True)
        Start-Process $IE -ArgumentList $URL -ArgumentList $URL  -Credential $UsuarioIE
        $IDProcess = Get-Process -Name iexplore | ?{$_.MainWindowTitle} | %{$_.ID}
        Wait-Process -Id $IDProcess
        # Proccess 1                                             
        # Process2                                                                
    I need to execute IE as other user.
    As logon user doesn’t have drive access, he cannot read credential.
    If logon script wants to ask for credential, credential windows never shown.
    I don’t know why, but if the user hasn’t  administratives privileges
    Start-Proccess with –Credential doesn´t work, exactly as
    Wait-Process -Id $IDProcess.
    The security department wants:
    User Without any access (No drives, no menu, no nothing
    J).
    Script has to run IE as domain simple user.
    If script needs administrative privileges to run  Wait-Window the script can be run as administrative user, but not the Start-Process.
     I hope that you can understand me.
    Thanks in advanced,
    Angel Biurrun C.

    Sorry but what you seem to be trying to do is not possible.  You cannot make a user an admin by having them do something that only an admin can do.
    If your company says a user cannot have access to any drives then there is no way they can open a file on a drive they have no access to.
    The script you posted is also impossible to read.  Can you try and post it correctly.  Maybe someone can decode what you are trying to do.
    As a quick example this is how we post scripts.
    Function fCredenciales([String]$FileTXT, [String]$UserIE){
    $UsIE1=Get-Credential -Credential $UserIE
    $SecureIE=$UsIE1.Password
    $BytesIE=ConvertFrom-SecureString $SecureIE
    $BytesIE | Out-File $FileTXT
    Notice that it is readable and better indented. The eye can follow the code.  By using the code control the code becomes color keyed which makes it even more readable.
    ¯\_(ツ)_/¯

  • PowerShell Logon Script

    I have a powershell logon script that is governed by group policy.
    It works great except one thing.
    I have this awesome little piece that goes something like,
    $user = (GetADUser -Identity $env:USERNAME -Poperties MemberOf,sAMAccountName | Select-Object MemberOf,sAMAccountName)
    if ($user.Memberof -match $someMembershipInAD)
    {put a file on their desktop}
    However, the client systems do not have the AD module, nor will it be installed.  Is there another way to check the users security memberships? 

    You can use the following function to test Group Member ship using ADSI and DotNet
    Function Test-GroupMembership
    <#
        .Synopsis
            Test whether the current user is a member of a specified group.
        .Description
            Tests whether or not the current user is a member of a specified
            security group. (works only for current domain).
        .Parameter GroupName
            The security group to test.  Note that this value may be supplied
            as a string which will be converted to an NTAccount object.  If the
            group does not exist, an error will occur and the result of the test
            will be False.
        .Inputs
            None.
        .Outputs
            True ($true) if the user is a member of the group; otherwise False ($false).
        .Example
            Test-GroupMembership Administrators
            Returns true if the current user is a member of the local Administrators group.
        .Example
            PS C:\> Test-GroupMembership 'Groupdoesnotexist'
            Test-GroupMembership : Group: Groupdoesnotexist does not exist!
            In Zeile:1 Zeichen:1
            + Test-GroupMembership 'Groupdoesnotexist'
            + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
                + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Test-GroupMembership
            False
            Returns an Error False as the group does not exist
    #Requires -Version 2.0    
    #>
        Param (
            [Parameter(Mandatory=$true)]
            [System.Security.Principal.NTAccount]$GroupName
        $searcher = [adsisearcher]''
        $searcher.Filter = "(&(ObjectClass=group)(SamAccountName=$GroupName))"
        $GroupExist = [bool]$searcher.FindOne()
        IF (-not($GroupExist))
            Write-Error -Message "Group: [$GroupName] does not exist!"
            return $False
        $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
        $principal = New-Object Security.Principal.WindowsPrincipal $identity
        $principal.IsInRole($GroupName)
    } #end Function Test-GroupMembership

  • Running powershell script with customer parameters as a scheduled task

    tfl wrote:I guess I don't get why you are wanting thisMy regular tasks run,. and take data from data files. Want your batch to get processed today? Then add it to the queue file by 5:00 PM.. The task runs at 5:01 and works with whatever data is available. And if the file is empty, nothing happens each night. If you want to pass parameters like this, then why bother with a scheduled task? You'd need to remove the old one and add the new one each time. Which is extra work and complexity, especially if the task at hand is in any way 'dangerous' if run twice with the same data (ie you forget to change the task or remove it).I'm using a scheduled task to trigger the script, I'm using the "on event" trigger and then calling the script as an action. The method I was using before (calling via a bat file with the event Id hard coded into that"...

    Hi all,Having one of those hair pulling issues where something should work but for some reason its blindly refusing not to!I've created this script that is a bit of an extension to the email on eventID for task scheduled. It basically pulls out the various information from the actual event and fires off an email to our alerting team to investigate etc.That all works great, but what I'm now trying to do is get it to accept a custom parameter so the actual event ID its looking for doesn't have to be hard coded and can be passed to it via the commandline etc. I've got it all setup and work great but for the life of me can't get it to work correctly when set as a scheduled task. This is what the command basically looks like:powershell -executionpolicy bypass -command "& 'pathtofile\script.ps1' -evtid 8004"The latter part is the customer...
    This topic first appeared in the Spiceworks Community

  • How can I copy a file through a logon script with UAC enabled ?

    Hello,
    I have a batch that is copying a file to "%public%\desktop\" (windows 7) folder through a logon GPO (GPO from user configuration).
    Everytime I try, I have an "access denied". I know it is because UAC and I don't want to disable it.
    Through explorer.exe, I can copy this file with no problem with this same account.
    How can I copy a file to such folder through group policy please ?
    I dont want to use GPP as the script is used on WinXP too and I dont have the hotfix to support GPP on this operating systems.
    Thank you

    > I have a batch that is copying a file to "%public%\desktop\" (windows 7)
    > folder through a logon GPO (GPO from user configuration).
    > Everytime I try, I have an "access denied". I know it is because UAC and
    > I don't want to disable it.
    Since you are copying to a non-user specific-directory, I'd recommend
    using a startup script instead...
    Martin
    Mal ein
    GUTES Buch über GPOs lesen?
    NO THEY ARE NOT EVIL, if you know what you are doing:
    Good or bad GPOs?
    And if IT bothers me - coke bottle design refreshment :))

  • Powershell startup scripts fail on Windows 8.1 with error 267

    GPO Powershell startup script fails to execute on Windows 8.1, but does run on Windows 8 and Windows 7. Powershell logon scripts run normally on all versions of Windows.
    The event log contains entries with event ID 1130 from the GroupPolicy source. The log entries claim error 267 "directory name is invalid".
    Running cmd.exe on Windows 8.1 under the computer's account (NT Authority\SYSTEM) confirms that the Powershell script's path in SYSVOL is valid and the script executes normally.
    Running procmon on Windows 8.1 while the startup script is being run on a computer shows that the computer caches the files and folders for this GPO into C:\Windows\system32\GroupPolicy.
    I am not sure why these scripts are failing to execute on Windows 8.1 when they run on Windows 8 and the same set of GPOs are applied to both Windows 8.1 and Windows 8 computers.

    These are all good suggestions, but I have already tried to eliminate:
    All environment variables
    All network paths
    Setup the GPO to reference the script by the file name and with a full absolute path. Neither worked.
    Tried copying the scripts to multiple folders inside the policy, since the event log message reports only the root path of the policy.
    I also used procmon to monitor how the computer handles the startup scripts. I found that the computer caches them into a folder under C:\Windows\System32, but never runs any of them. I never found an error that I could correlate with the event log.
    For instance the following one line scripts failed to run:
    'I AM HERE.' | sc -path C:\Windows\TEMP\TEST.txt
    write-host 'I AM HERE.'
    As far as I can see the first script relies on the existence of C:\Windows\TEMP and write permission to it, which SYSTEM should have.
    The second one liner has no dependencies at all and it doesn't run with the same error.
    I have created multiple GPOs and scripts, so if there was a problem in creating these files and folders it is happening over and over. I checked the permissions and computer accounts have read and execute permissions all throughout the GPOs.
    Everything works perfectly on Windows 7 and 8, just not on 8.1.

  • Logon failure with username/password authentication in WLE 5.1

    Hi,
    I have WLE 5.1 configured and running on a Win2K system. I am able to
    build and run the simpapp sample program. I am also able to build the
    interceptor_cxx sample and run with all interceptors other than the
    security interceptor. What I realised in this case was that the
    PersonQueryClient did not perform any login of a user from which the
    security interceptor could extract user ID information (have I missed
    something? I am a WLE and CORBA newbie) so I modified the ubb config
    file to define SECURITY as USER_AUTH and add the AUTHSVC, modified
    personqueryclientc.cpp to get access to the SecurityLevel2 principal
    authenticator, built the app, created a user with the tpussradd command,
    and ran the app (the AUTHSVC successfully starts).
    The Tobj::AuthType returned by the get_auth_type method of the
    PrincipalAuthenticator is Tobj::TOBJ_APPAUTH as I expect. I call the
    logon method with the parameters (user_name, argv[0], sys_password,
    password, 0) where user_name is the same as the user I created with the
    tpusradd command, argv[0] is personqueryclient (I've tried tpusradd'ing
    the user both with the "-c personqueryclient" argument and without),
    sys_password is the password I specified when tmloadcf was run against
    the modified ubb config file, password is the password I specified when
    I ran tpusradd. The logon always fails returning
    Security::SecAuthFailure. In the ULOGxxxx file the following message is
    displayed:
    181605.NUMBAT!TMSYSEVT.2180: LIBTUX_CAT:1484: WARN: .SysClientSecurity:
    User tbartley on SITE1 authentication failure
    I've tried running in the following manners all with the same result:
    1. With or without the security_cxx interceptor registered
    2. With the user in or not in a group
    3. With the the user created using the "-c personqueryclient" arg to
    tpusradd or not
    If I change the security level down to APP_PW then everything works and
    the security_cxx interceptor sees a client name of personqueryclient and
    a username of personqueryclient. The logon fails if I use a sys_password
    other than the one specified to tmloadcf and succeeds if I use the
    correct password.
    Can anyone tell me what I might be doing wrong in the username/password
    authentication case?
    Here's the code I inserted to personqueryc.cpp to perform the logon:
    // Get SecurityCurrent object
    CORBA::Object_var var_security_current_oref
    = bootstrap.resolve_initial_references("SecurityCurrent");
    SecurityLevel2::Current_var var_security_current_ref =
    SecurityLevel2::Current::_narrow(var_security_current_oref.in());
    // Get the principal authenticator
    SecurityLevel2::PrincipalAuthenticator_var
    var_principal_authenticator_oref =
    var_security_current_ref->principal_authenticator();
    char user_name[100] = "";
    char password[100] = "";
    char sys_password[100] = "";
    // Narrow to a BEA Principal Authenticator
    Tobj::PrincipalAuthenticator_var v_bea_pa =
    Tobj::PrincipalAuthenticator::_narrow(var_principal_authenticator_oref.in());
    // See what level of logon has been turned on
    Tobj::AuthType auth_type = v_bea_pa->get_auth_type();
    cout << "Auth type: ";
    switch (auth_type) {
    case Tobj::TOBJ_APPAUTH: cout << "TOBJ_APPAUTH"; break;
    case Tobj::TOBJ_SYSAUTH: cout << "TOBJ_SYSAUTH"; password[0] = '\0';
    break;
    case Tobj::TOBJ_NOAUTH: cout << "TOBJ_NOAUTH"; break;
    default: cout << "TOBJ_<unknown>"; break;
    cout << endl;
    cout << "Username: ";
    cin >> user_name;
    switch (auth_type) {
    case Tobj::TOBJ_APPAUTH: {
    cout << "User password: ";
    cin >> password;
    // fall through
    case Tobj::TOBJ_SYSAUTH: {
    cout << "App password: "; cin >> sys_password;
    break;
    default: {
    break;
    // now that we've got all the data necessary, logon
    Security::AuthenticationStatus status =
    v_bea_pa->logon(user_name,
    argv[0],
    sys_password,
    password,
    0); // user data
    cout << "Logon result: ";
    switch (status) {
    case Security::SecAuthSuccess: cout << "SecAuthSuccess"; break;
    case Security::SecAuthFailure: cout << "SecAuthFailure"; break;
    case Security::SecAuthContinue: cout << "SecAuthContinue"; break;
    case Security::SecAuthExpired: cout << "SecAuthExpired"; break;
    default: cout << "SecAuth<unknown>"; break;
    cout << endl;
    if (status != Security::SecAuthSuccess) {
    cerr << "Invalid password." << endl;
    exit(1);
    Here are the entries I added to the ubb config file:
    *RESOURCES
    SECURITY USER_AUTH
    AUTHSVC AUTHSVR
    *SERVERS
    AUTHSVR SRVGRP=SYS_GRP SRVID=6 RESTART=Y GRACE=600 MAXGEN=2 CLOPT="-A"
    I do not have the WLE Security Services installed (i.e. the package
    that provides SSL and crypto). Is this required? It's not clear to me
    from the documentation if this is required for username/password based
    authentication or not.
    Thanks for any help,
    Tim Bartley

    Hi Michael
    I am using SSL in my application. So that it asks for the certificate username
    and password while startup. But now i want to mention the username and password
    in weblogic.properties file itself. So that the client need not have to provide
    the username and password everytime. I am using weblogic server 5.1 version.
    How do i do this?
    Hope my question is clear. Please help.
    with regds
    siva
    Michael Young <[email protected]> wrote:
    Hi.
    It's not 100% clear to me what you are asking for. Do you want authentication
    turned off for
    your application? That will certainly turn off prompting for authentication
    information. You
    can set your ACL for your application (in your properties file) to allow
    everyone to execute
    it. Something like:
    weblogic.allow.execute.<myApplication>=everyone
    But maybe you want some kind of silent authentication so that not everyone
    can execute your
    app? I suppose you could pass authentication info in a cookie. I really
    don't know enough
    about your application, though.
    I suggest you post this question in weblogic.developer.interest.security
    - you have a better
    chance of getting an answer there for security related questions.
    Hope this helps.
    Michael
    siva wrote:
    Hi all,
    I have the following requirements. I have an application which asksfor the authentication
    information like username and password at first. The application isrunning in
    weblogic5.1 server. Is there a way where in weblogic.properties file,i mention
    the username and password so that the application will not ask forin the browser.
    please help. It's urgent.
    with regds
    siva--
    Developer Relations Engineer
    BEA Support

  • What is the best way to run a powershell script with parameters in the Task Scheduler?

    Hello, 
    Want to run the following from a scheduled task in the Task Scheduler on a server.  What is the best approach?
    .\pscript.ps1 -csvfile "\\Srv1\Share\File.txt"
    Thanks for your help! SdeDot

    Hi,
    To run a powershell script with parameters in the Task Scheduler:
    Program: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    Add argument (optional): -Command "& c:\scripts\test.ps1 -par1 2 -par2 3"
    Hope the below two articles be helpful for you:
    Schedule PowerShell Scripts that Require Input Values
    https://blogs.technet.com/b/heyscriptingguy/archive/2011/01/12/schedule-powershell-scripts-that-require-input-values.aspx
    How to Schedule a PowerShell Script
    http://dmitrysotnikov.wordpress.com/2011/02/03/how-to-schedule-a-powershell-script/
    Regards,
    Yan Li
    Regards, Yan Li

  • Powershell User logon script not Exiting With "Exit" scripts are set to be visible in GPO

    I am trying to run this script as a user logon script and it is set to visible to the user. There are other parts of the script but It won't ever Exit. It works fine if I run it directly I only have the trouble when it is in the logon script. I'm thinking
    of tryin "Kill -Id $PID" but I'm sure I'll get a bad return code.
    Has anyone else experienced this or hav any ideas what I could try?
    If (Test-Path U:){
    Robocopy U:\ $Destination /E /move /XF "*.inf"
    New-Item -Path HKCU:\Software\test\test -Name Test –Force
    Else{
    Exit
    Else{
    New-Item -Path HKCU:\Software\test\1 -Name Test1 –Force
    Exit       #here is where it will not stop!
    Exit

    Sorry, I did mention this was only a subset of the complete script.
    So, what I am trying to accomplish in words.
    1. Check for the existence of a certain folderon the c: Drive (that is created as apart of a different process)
    2.  Look to see if a registry key exisits that tells the script if it should run or not. So if certain registry key exists under HKCU then don't run if not continue.)
    3. The first time a user logs in and does not find the value that the process is allready complete show the user a message box aski9ng them if they are ready to do (something) if not write a registry key saying step one has completed and then quit.
    4. When the user logs in again the script looks to see if the process is complete and or if step one is complete, if step one is complete it allows the user to skip the process 2 more times but on the forth login forces the user to complete the process and
    writes the final registry key that it is complete.
    Like I say I have this all working correctly if I manually have the user run it. I just don't know why Exit is not being recognized when in the users login script processing of the script. I appreciate your reply and any direction you can point me to.

  • VMware PowerCli PowerShell Script - Stack Functions

       
    Using this as a starting block.
    http://pubs.vmware.com/view-52/index.jsp?topic=%2Fcom.vmware.view.integration.doc%2Fview_integration_powershell.5.7.html
    I want to combine two of the functions, and have the variables use ".txt" files with my new and old datastores listed.
    I've edited it a bit, combining the two functions, and creating variables for new and old lists, but I'm not sure if the context I used is correct, or if I can just paste the functions together like this.
    Before I run this against my VMware View Connection server, anything stand out as wrong?
    # A PowerShell function to add new, then remove old datastores from an automatic pool.
    # UpdateDatastoresForAutomaticPool
    # Parameters
    # $Pool Pool ID of pool to be updated.
    # $OldDatastore Full path to OldDatastore.txt to be removed.
    # $NewDatastore Full path to NewDatastore.txt to be added.
    $Pool = "C:\powercli\PersistentPools.txt"
    $OldDatastore = "C:\powercli\OldDatastore.txt"
    $NewDatastore = "C:\powercli\NewDatastore.txt"
    function RemoveDatastoreFromAutomaticPool
    { param ($Pool, $OldDatastore)
    $PoolSettings = (Get-Pool -pool_id $Pool)
    $currentdatastores = $PoolSettings.datastorePaths
    $datastores = ""
    foreach ($path in $currentdatastores.split(";")){
    if(-not ($path -eq $OldDatastore)){
    $datastores = $datastores + "$path;"
    Update-AutomaticPool -pool_id $Pool -datastorePaths $datastores
    function AddDatastoreToAutomaticPool
    { param ($Pool, $NewDatastore)
    $PoolSettings = (Get-Pool -pool_id $Pool)
    $datastores = $PoolSettings.datastorePaths + ";$NewDatastore"
    Update-AutomaticPool -pool_id $Pool -datastorePaths $datastores
    Thanks,
    -Matt
    There's no place like 127.0.0.1

    Other than the specific commandlets of "Update-AutomaticPool -pool_id -datastorePaths", this is PowerShell script, right?
    I'm not looking for support for the functions themselves.  But VMware only gives these scripts as individual functions.
    I want to stack their functions one after another in a script, and use text files with lists of data, instead of specifying them one at a time to the script.
    Function 1 as supplied by VMware
    Define a PowerShell function to add a datastore to an automatic pool.
    # AddDatastoreToAutomaticPool
    # Parameters
    # $Pool Pool ID of pool to be updated.
    # $Datastore Full path to datastore to be added.
    function AddDatastoreToAutomaticPool
    { param ($Pool, $Datastore)
    $PoolSettings = (Get-Pool -pool_id $Pool)
    $datastores = $PoolSettings.datastorePaths + ";$Datastore"
    Update-AutomaticPool -pool_id $Pool -datastorePaths $datastores
    Function 2 as supplied by VMware
    Define a PowerShell function to add a datastore to an automatic pool.
    # AddDatastoreToAutomaticPool
    # Parameters
    # $Pool Pool ID of pool to be updated.
    # $Datastore Full path to datastore to be added.
    function AddDatastoreToAutomaticPool
    { param ($Pool, $Datastore)
    $PoolSettings = (Get-Pool -pool_id $Pool)
    $datastores = $PoolSettings.datastorePaths + ";$Datastore"
    Update-AutomaticPool -pool_id $Pool -datastorePaths $datastores
    I'm just looking for advise as to weather I'm approaching this from the right angle.
    In my original post I made an attempt at pasting them together, then editing the parameter lines to use a text file instead of supplying an individual entry on the cmd line with the script.   I think I did it right, but I'm not sure if the way these
    functions are written, that they will parse through each of the text files.
    Thanks,
    -Matt
    There's no place like 127.0.0.1

  • Help with logon script

    Hi
    We have a legacy reporting app (Crystal Distribution 8.5) that relies on DLLs to export data from it to other apps such as Excel.
    In XP/2003 the DLLs are installed and accessed from the WINDOWS & System32 directory but due to changes that MS made in Vista/2008 and higher the DLLS need to be installed in the user's local profile for the app to work properly on Vista/2008+.  Example:
    C:\Users\user.name\WINDOWS\Crystal
    This has been easy to manage for the few users on Win 7 workstations but we are now making the move to Server 2008R2 RDS.  Therefore using a script to put these DLLs in the right place via Group Policy when a user logs on to an RDS server (there will be
    multiple and they will be load balanced) seems the logical answer.
    I am not however an expert on scripting by any means.  I can just about manage a logon script to map a network drive.  Could do with some help on:
    > A logon script that runs once per server per user that I can deploy with a GPO
    > The script needs to create a directory in their local user profile path (as previously mentioned) and copy a list of DLLs to it (or just copy the "Crystal" folder to the WINDOWS folder in their local profile).
    Many thanks

    Hi Flanjman,
    If the servers are deployed on server 2008 R2+, you can try a powershell script, and the script below may be helpful for you, which can create a new directory and copy the local folder to the new created folder:
    $newfolder = "C:\Users\user.name\WINDOWS\Crystal"
    New-Item -Path $newfolder -ItemType directory #create new folder
    copy-item -Path d:\test1 -Destination $newfolder -Force -Recurse #copy all the files in the folder
    Then please save the script above as .ps1 file, and follow this article to deploy in GPO:
    Start Me Up: Scripting a Logon with PowerShell
    Please also note, if the powershell execution policy on all the servers haven't been set to allow to run a powershell script locally, you also need delopy the execution policy in GPO firstly:
    Computer Configuration\ Administrative Templates\ Windows Components\ Windows Powershell" and configure the "Turn on script execution" setting, and choose "Allow local script and remote signed scripts"
    If you have any feedback on our support, please click here.
    Best Regards,
    Anna
    TechNet Community Support

  • Which is better approach to manage sharepoint online - PowerShell Script with CSOM or Console Application with CSOM?

    Which is better approach to manage sharepoint online - PowerShell Script with CSOM or Console Application with CSOM?
    change in sharepoint scripts not require compilation but anything else?

    Yes, PowerShell is great, since you can quick change your code without compilation.
    SP admin can write ps scripts without specific tools like Visual Studio.
    With powershell you can use cmdlets,
    which could remove a lot of code, for example restarting a service.
    [custom.development]

  • Call a Graphical Calc view with input Parameters from a Script Based Calc View

    Hi All.
    I am trying to call a graphical calculation view with input parameters from a script based calculation view as below but getting syntax error:
    SESSION_SAMPLE = SELECT SESSION_CREATE_DATE,SHA256,CA_MEASURE
                                 FROM "_SYS_BIC"."WILDFIRE/CV_SESSION_SAMPLE"
                                 WITH PARAMETERS  ('PLACEHOLDER' = ('$$IP_START_DATE$$',:START_DATE),
                                     'PLACEHOLDER' = ('$$IP_END_DATE$$',:END_DATE));
    START_DATE  and END_DATE are input parameters of the script based calculation view.
    Can anyone please help me with the correct syntax for accomplishing this?
    Thanks,
    Goutham

    Hi Gautham,
    One more option  what i would like you to try is the below option , here i have just changed the order of passing nothing else.
    SESSION_SAMPLE = SELECT SESSION_CREATE_DATE,SHA256,CA_MEASURE
                                 FROM "_SYS_BIC"."WILDFIRE/CV_SESSION_SAMPLE"
                                   ('PLACEHOLDER' = ('$$IP_END_DATE$$','$$END_DATE$$'),
                                  'PLACEHOLDER' = ('$$IP_START_DATE$$','$$START_DATE$$'))
    Regards,
    Vinoth

  • Question about function with in parameters

    Hello,
    I have a question about functions with in-parameters. In the HR schema, I need to get the minimum salary of the job_id that is mentioned as an in-parameter.
    this is what I am thinking but I dont know if it's correct or not or what should I do next!
    create or replace function get_minimum_salary (i_job_id in varchar2)
    return number
    as
    begin
    SELECT min_salary INTO min_sal
    FROM jobs
    where job_id = get_minimum_salary(xy);
    RETURN i_job_id;
    end get_minimum_salary;
    thanks in advance
    EDIT
    Thanks for your help all.
    Is it possible to add that if the i_job_id which is the in type parameter does not have a minimum salary then use the following function to register an error:
    create or replace procedure insert_error (i_error_code in number,
                                                      i_error_message in varchar2)
    as
    begin
    insert into error_table (error_user, error_date, error_code, error_message)
    values (user,sysdate,i_error_code,i_error_message);
    end insert_error;
    This function is basically to say that an error has occured and to register that error, at the same time I need to print out the error using the dbms_out.put_line.
    Any ideas of how to do that?
    Thanks again
    Edited by: Latvian83 on Jun 1, 2011 5:14 AM

    HI
    I have made little bit changes in ur code. try this
    create or replace function get_minimum_salary (i_job_id in varchar2)
    return number
    as
    v_Min_sal jobs.salary%type=0;---- Variable declaration
    begin
    SELECT min_salary INTO v_ min_sal
    FROM jobs
    where job_id = i_job_id;
    RETURN v_Min_sal;
    end get_minimum_salary;
    Regards
    Srikkanth.M

Maybe you are looking for

  • My Final cut wont load up anymore!!??

    when i click the icon to open it up, it acts like its about to and the little icon bounces up and down and then it stops! i even tried installing it again, i dont know what to do. Please help!

  • Cfgrid in Cf7

    Hi, I have the search page for user to search the purNO and display resutls in the list.  I am tring to do the paging but keep got an error for cf 7 not supported the PAGESIZE,BIND.  Please advice with the code below to have it works in colfusion 7.

  • Packaging wizard failed : unauthorized 401 ???

    Hello, At the end of the packaging wizard (10g) when I want to publish my new application, I receive the following message : WTG-20502 Packaging wizard failed 401 unauthorized Why ??? Thanks for your answers.

  • Is there any rhyme or reason to order in which app updates are displayed?

    I posted this on the iPhone forum a while ago, with no useful response. I'm asking again here, because it is equally applicable to iPad. Is it completely random, or is there an order I am unaware of? I would expect to see app updates displayed by dat

  • Mail password not accepted

    I entered the correct password in the password dialogue in Mail, but continue to be asked for the password