Fatboy40 Posted November 27, 2007 Share Posted November 27, 2007 I've never been 100% certain in regards to under what user a logon script is run as when it is called via a group policy ? (for this example its a Windows Server 2003 network with XP clients).Does a login script run under the account of the user who is logging in, and therefore come under the effect of the various rights that they have localy on their PC ?. For example if they are just in the local users group and a script calls for files to be copied to the local PC will the copy fail ?.Thanks Link to comment Share on other sites More sharing options...
FAT64 Posted November 27, 2007 Share Posted November 27, 2007 (edited) I think that there are only 2 possible account candidates: the user account of the person logging on or the SYSTEM account. My gut feeling would go with the SYSTEM account. Anyone care to offer an alternative suggestion?Edit:After much Google-ing, it seems that Startup and Shutdown scripts certainly use the SYSTEM account, so maybe a Logon script uses the account of the person logging on; hence the name? Edited November 27, 2007 by FAT64 Link to comment Share on other sites More sharing options...
Fatboy40 Posted November 27, 2007 Author Share Posted November 27, 2007 After more digging around I agree with you FAT64, I need to run a startup script and ensure that the system accoutn has rights to any shares where I need to copy files from Link to comment Share on other sites More sharing options...
FAT64 Posted November 27, 2007 Share Posted November 27, 2007 After yet more Google-ing, I have come to the conclusion that Logon scripts simply use the account of the person logging on. B) Link to comment Share on other sites More sharing options...
cluberti Posted November 27, 2007 Share Posted November 27, 2007 Computer startup / shutdown scripts run as LOCAL SYSTEM, and user logon / logoff scripts run as that user. Link to comment Share on other sites More sharing options...
bennebiest Posted November 29, 2007 Share Posted November 29, 2007 (edited) For example if they are just in the local users group and a script calls for files to be copied to the local PC will the copy fail ?.If you configure a loginscript via group policy. This script will be executed if the user is a member of the OU where the GPO w/ the loginscript is linked.So if the user is just in the local users group (client XP machine), the loginscript will not be executed.edit: I didn't get your question right :-) Edited November 29, 2007 by bennebiest Link to comment Share on other sites More sharing options...
nmX.Memnoch Posted November 29, 2007 Share Posted November 29, 2007 For example if they are just in the local users group and a script calls for files to be copied to the local PC will the copy fail ?If you're trying to copy the file to a location where regular users don't have write access, yes, it will fail.We use SMS here at work, but unfortunately I don't have direct access to create/push packages using it (it's a complicated setup...). What we came up with was to use AdminScriptEditor to package scripts to run with alternate privileges. We've been using this to deploy updates to our PCs via the logon script with great success. Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now