Assigning a windows logon script - windows

Beginner question - Trying to create a simple logon script that executes when a Windows user logs on and copies a file from one folder to another. The OS is Windows 7.
This link says that logon scripts should go into
%SystemRoot%\System32\Repl\Import\Scripts folder.
I do not seem to have that folder in my machine. I created it manually and pushed the vbs file in there.
I also opened up computer management and assigned the script to a user. This is a standalone machine and has no network logons.
Code itself is simple and it works when the file is run except it is not getting called during logon.
Is this the right place to put the logon script? Am I doing something wrong?
Eventually I would like to be able to assign the logon script in C# using DirectoryEntry's LogonScript property. Any suggestions in the right direction would be of great help.

Windows has 2 default locations for local logon scripts:
%SystemRoot%\System32\Repl\Import\Scripts for logon scripts assigned via lusrmgr.msc.
%SystemRoot%\System32\GroupPolicy\User\Scripts\Logon for logon scripts assigned via gpedit.msc.
Both paths don't exist in a default installation and must be created by an administrator.
lusrmgr.msc seems to accept only scripts with paths relative to the default location. For scripts assigned via gpedit.msc you can choose any path you like.
A (local) logon script must be assigned to a profile by one of the abovementioned methods, otherwise it won't be called at logon.
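A read-only check of both assignment paths described in the answer above, added here as an example and not part of the original answer. It assumes PowerShell on the local machine, that the WinNT ADSI provider exposes the lusrmgr.msc field as `LoginScript`, and that gpedit.msc records its assignments in `scripts.ini` under the `Scripts` folder (a file the answer does not mention).

```powershell
# Added example, read-only: list logon scripts assigned to local accounts and
# through local Group Policy, and show whether each resolved path exists.
$lusrmgrBase = Join-Path $env:SystemRoot 'System32\Repl\Import\Scripts'
$gpBase      = Join-Path $env:SystemRoot 'System32\GroupPolicy\User\Scripts'

# 1) Per-account assignment (the "Logon script" field in lusrmgr.msc).
#    The name is taken relative to the Repl\Import\Scripts folder.
$fromProfile = @(foreach ($u in ([ADSI]"WinNT://$env:COMPUTERNAME,computer").Children) {
    if ($u.SchemaClassName -ne 'User') { continue }
    $name = [string]$u.LoginScript
    if (-not $name) { continue }
    $full = Join-Path $lusrmgrBase $name
    [pscustomobject]@{
        Source = 'lusrmgr'; Account = [string]$u.Name
        Script = $full;     Exists  = Test-Path -LiteralPath $full
    }
})

# 2) gpedit.msc assignment: NCmdLine= entries in the [Logon] section of
#    scripts.ini (a hidden file, hence -Force).
$fromPolicy = @()
$ini = Join-Path $gpBase 'scripts.ini'
if (Test-Path -LiteralPath $ini) {
    $inLogon = $false
    $fromPolicy = @(foreach ($line in Get-Content -LiteralPath $ini -Force) {
        if ($line -match '^\s*\[(.+)\]\s*$') { $inLogon = $Matches[1] -eq 'Logon'; continue }
        if ($inLogon -and $line -match '^\d+CmdLine=(.+)$') {
            $cmd  = $Matches[1].Trim()
            # A bare file name is resolved against the Logon folder.
            $full = if ([IO.Path]::IsPathRooted($cmd)) { $cmd } else { Join-Path $gpBase "Logon\$cmd" }
            [pscustomobject]@{
                Source = 'gpedit'; Account = '(local policy)'
                Script = $full;    Exists  = Test-Path -LiteralPath $full
            }
        }
    })
}

$fromProfile + $fromPolicy | Format-Table -AutoSize
```

An account with no row has no script assigned; a row with `Exists` set to `False` points at a file that is not where the assignment expects it.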

Related

Windows Batch File for Login Shortcut

I know you can use tsdiscon.exe and tscon.exe to connect to a user account via the command line.
I want to write a simple batch file to accomplish this, so I can have a shortcut on my desktop that will quickly and easily login to another user account on this system.
I share this computer with my in-laws, and they are not very computer literate. Currently there are many steps in switching to their account, and I want to make it more streamlined for them.
It's been a while since I've written a batch file, but I am sure there is a way to run a simple IF/THEN statement, that would check to see if the user is logged in, then either log them in with the given credentials, or switch to that user's profile.
I want to know the syntax to make this happen, so I can put the .bat file on the desktop for them to click on.
Is this possible?
Logging out to your account? Suppose impossible.
Suppose your user is usr1 and you save your batch file to, say, your desktop.
Then, by running this batch file, you run it as usr1.
If your batch file contains the log out statement, it therefore ends the user account, therefore terminating the batch file, thus not being able to run the batch file successfully.
However, switching to a different account could be possible.
Try this out, if it works.
Essentially, you're doing the following:
@echo off
taskkill /IM explorer.exe /F
runas /user:COMPUTERNAME\ACCOUNTNAME explorer.exe
(Replace COMPUTERNAME and ACCOUNTNAME with the current computer name and account name (i.e. C:\Users\ACCOUNTNAME) of your in-laws' account)
If that's not what you wish, then, sorry, I can't help you.
The batch script I previously mentioned here
Just give your machine a simple name and customise one line in the script. Test from command prompt:
fus
If it works with win10 you should be able to create two shortcuts with commands:
fus.bat 1
and
fus.bat 2

Windows Task Scheduler & Administrator user

I have to run automatically a batch file once a week to update a file.
To do so I have created a task with Windows Task Scheduler on the company Server with the following options:
Security Options: user me, run only when user is logged in, Configure for Windows Server 2012
Trigger: every Monday at 11.00am
Action: start a program (the path to the bat file with quote)
This configuration works fine. However I wish the update to happen even if I am not here.
So I tried to change the Security Options to:
User: administrator (with batch job rights)
Run whether user is logged on or not
Run with Highest privileges
Trigger and action are unchanged.
I have also entered the admin password when saving the task.
On the Task History the action and task are completed, but the bat file is not run and there is no update happening on my file.
The Last Run Result display:
Incorrect function (0x80070001).
Looking at other posts I have tried different combination:
Run with Highest privileges: ticked or not
The path to the bat file with or without quote
Try to add the path without quote in Start in (optional)
None of these worked. Any idea?
The code is working fine when activated manually. I am not sure what you mean by the command that start the batch.
In the Scheduler it is on the Action tab. The action is start a program and the details is the path to the file ...run.bat
When launched manually I right click on the file and select run as administrator.
Thank you in advance for your help.
Sylvie
Had the same problem with a RScript.exe with batch .R file. Runs perfect with main user, also in command line, but when setting the 'run with different user account' it fails.
What I did: added the ScriptUser (an anonymous user that will work forever when I have left the building) to the group Power Users. (Ok, I don't think you are allowed to set it to Administrator). But local\powerusers did it for me. The strange 'Incorrect function' without any details is solved now.
V
I have been having similar issues with a new scheduled task I was setting up. I could run the .exe no problem by itself by clicking on it, but when task scheduler would run it, the app would execute instantly and return a success, but did not actually execute. For us, the solution was to include the Start in folder on the Action tab where you specify the application location. Leaving this value blank will default to the root directory where most things do not have permission to run.
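The same task defined from PowerShell with the Start in folder set explicitly, as the last answer recommends. This is an added example, not code from the thread; the `C:\Jobs\update\run.bat` path and the `WeeklyFileUpdate` task name are hypothetical, and the trusted-account names assume an English-language Windows. Because the task runs elevated without the user present, the example first refuses to register it if the batch file or its folder can be modified by other accounts.

```powershell
# Added example. Hypothetical: the batch file path and the task name.
$bat = 'C:\Jobs\update\run.bat'
$dir = Split-Path -Parent $bat

# The task runs with highest privileges, so anyone who can edit the script
# or replace it in its folder gets those privileges. Check the ACLs first.
$trusted = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'NT SERVICE\TrustedInstaller'
$write   = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'

$loose = @(foreach ($path in $bat, $dir) {
    (Get-Acl -LiteralPath $path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        (([int]$_.FileSystemRights -band [int]$write) -ne 0) -and
        ($trusted -notcontains $_.IdentityReference.Value)
    } | ForEach-Object { "$path : $($_.IdentityReference) has $($_.FileSystemRights)" }
})
if ($loose.Count -gt 0) {
    throw "Tighten these ACLs before scheduling:`n$($loose -join "`n")"
}

# Action with an explicit working directory (the "Start in" field).
$action  = New-ScheduledTaskAction -Execute $bat -WorkingDirectory $dir
# Every Monday at 11:00, as in the question.
$trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Monday -At '11:00'

# Supplying a user name and password stores the credentials with the task,
# which is the "Run whether user is logged on or not" setting.
$cred = Get-Credential -Message 'Account the task runs under'
$params = @{
    TaskName = 'WeeklyFileUpdate'
    Action   = $action
    Trigger  = $trigger
    User     = $cred.UserName
    Password = $cred.GetNetworkCredential().Password
    RunLevel = 'Highest'
}
Register-ScheduledTask @params
```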

C: drive access permission in windows 7

In matlab, I used a windows standalone application. There is a line in this application that writes a file in C:\...\...\. When I run the output exe file produced from this windows standalone application, the exe neither writes in C:\...\...\ nor tells me that there is a security issue in that partition. All the execution does is nothing. But, when I right-click and run the exe as administrator, it runs correctly.
I want to do it without right-click and run as administrator. Is there a command in matlab that can do that?
If you create a shortcut to your application, you can go to the Properties of the shortcut, click on Advanced in the Shortcut tab, and select "Run as administrator". That way, whenever you start the application from the shortcut it will be run as an administrator.
(Disclaimer: applications really shouldn't "foul their own nest" by writing into Program Files. This is bad design.)
Starting from Vista, unprivileged processes are not allowed to write to protected folders such as Program Files, because Program Files is designed to store code and not data. However, since this limitation has not been enforced in XP, MS has provided a backward-compatibility hack in the form of Virtual Store. Now, when a program tries to write to protected folder, its output is being redirected into a dedicated folder. This way, the program still "thinks" it writes to its usual location, while in fact it writes to an unprotected location. However, when you later check the Program Files location, you might not see the file - because it's not really there.
You can find more details here: User Account Control Data Redirection.
If you are administrator, add full control permission for your username to the destination folder. You do that by right clicking on the folder, going to properties and then security tab. Then edit and add your username with Full Control rights. Then you don't have to run the program as an administrator.
There is no way you can elevate a process once it is started, so Matlab cannot possibly have a command for that. Just run Matlab elevated.

Rename a directory in installer

I am working on a Windows application which needs to be able to update itself. When a button is pressed it starts the installer and then the parent application exits. At some point during the installer, the installer attempts to rename the directory that the parent application was running from and fails with "Access Denied". If you run the installer from the desktop it works.
I am using CreateProcess to start the installer, is there some way of using this or another API to create the installer completely independently from the parent application so that it doesn't retain some attachment to the directory?
I'm not convinced that launching the installer separately will solve your issue. It sounds more like a permissions problem that you might be able to solve using ACL manipulation. If the app doesn't already have permissions to mess with that folder, you might be able to write a custom action to remedy the problem by adding the necessary permissions to your process.
Another way of doing this is to make sure that the directory deletion is happening within a custom action that you control (as in, you own/maintain the code that performs the deletion, rather than rely on MsiExec to do it for you). Then, set that custom action to run in the System context so that it will have the same permissions as a service. That should provide your installer with sufficient rights to remove the folder.
You should use the normal update system within the windows installer.
Your access denied message appears because the file/directory is in use.
Renaming directories is also not a good idea.
What happens if the user clicks "repair" or "uninstall"?
You can start the msi with shellexec. After that, terminate your app immediately.
You should check in the msi that your app is NOT running anymore.
Do the update. If a file is in use the installer automatically wants to reboot to replace the stuff.
CreateProcess should work if you are passing it the right parameters. Don't reference the parent process in any way and set most things to NULL. If that doesn't work, then you can try WinExec().

Restrict access to a single application when logging in from the console without replacing GINA

Does anybody know if there is a feasible way on Windows XP to programmatically create and configure a user account so that after logging in from the console (no terminal services) a specific app is launched and the user is "locked" to that app ?
The user should be prevented from doing anything else with the system (e.g.: no ctrl+alt+canc, no ctrl+shift+esc, no win+e, no nothing).
As an added optional bonus the user should be logged off when the launched app is closed and/or crashes.
Any existing free tool, language or any mixture of them that gets the job done would be fine (batch, VB-script, C, C++, whatever)
SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon has two values
UserInit points to the application that is executed upon successful logon. The default app there, userinit.exe processes domain logon scripts (if any) and then launches the specified Shell= application.
By creating or replacing those entries in HKEY_CURRENT_USER or in a HKEY_USERS hive you can replace the shell for a specific user.
Once you have your own shell in place, you have very little to worry about, unless the "kiosk user" has access to a keyboard and can press ctrl-alt-del. This seems to be hardcoded to launch taskmgr.exe - rather than replacing the exe, you can set the following registry key
[SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
Debugger="A path to an exe file that will be run instead of taskmgr.exe"
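The values this answer sets are also the ones to review when checking how a kiosk build, or any other machine, has been configured. The following read-only listing is an added example, not part of the original answer; it assumes PowerShell and treats the usual `explorer.exe` and `userinit.exe,` values in HKEY_LOCAL_MACHINE as the stock baseline.

```powershell
# Added example, read-only: report the Winlogon Shell/Userinit values and any
# Image File Execution Options "Debugger" redirect so they can be reviewed.
$rel   = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion'
# Stock machine-wide values; Userinit normally ends with a comma.
$stock = @{ Shell = 'explorer.exe'; Userinit = "$env:SystemRoot\system32\userinit.exe," }

# HKLM plus every user hive currently loaded under HKEY_USERS. Hives of
# accounts that are not logged on are not loaded, so they are not covered.
$roots  = @('Registry::HKEY_LOCAL_MACHINE')
$roots += @(Get-ChildItem -Path Registry::HKEY_USERS -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -notlike '*_Classes' } |
    ForEach-Object { "Registry::HKEY_USERS\$($_.PSChildName)" })

$winlogon = @(foreach ($root in $roots) {
    $key = Get-Item -Path "$root\$rel\Winlogon" -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($name in 'Shell', 'Userinit') {
        $data = $key.GetValue($name)
        if ($null -eq $data) { continue }
        # In HKLM only a non-stock value needs review; a value found in a
        # user hive is a per-user override and is always listed for review.
        $review = if ($root -like '*LOCAL_MACHINE') { $data -ne $stock[$name] } else { $true }
        [pscustomobject]@{ Key = $key.Name; Value = $name; Data = $data; Review = $review }
    }
})

# A Debugger value under IFEO\<image name> makes Windows start that program
# in place of the image, which is how the answer swaps out taskmgr.exe.
$ifeoPath = "Registry::HKEY_LOCAL_MACHINE\$rel\Image File Execution Options"
$ifeo = @(Get-ChildItem -Path $ifeoPath -ErrorAction SilentlyContinue | ForEach-Object {
    $data = $_.GetValue('Debugger')
    if ($null -ne $data) {
        [pscustomobject]@{ Key = $_.Name; Value = 'Debugger'; Data = $data; Review = $true }
    }
})

$winlogon + $ifeo | Format-Table -AutoSize -Wrap
```

On a machine that is not meant to be a kiosk, every row with `Review` set to `True` should be explainable by a known tool or policy.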
I guess you're building a windows kiosk?
Here's some background in replacing the windows login shell - http://blogs.msdn.com/embedded/archive/2005/03/30/403999.aspx
The above link talks about using IE as the replacement, but any program can be used.
Also check out Windows Steady State - http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx
