登录脚本已应用但未运行

tag-icon tag-icon group-policy vbscript
登录脚本已应用但未运行

使用这个回答,我能够确认登录脚本已应用于我的用户帐户,但它无法运行。我可以运行,gpupdate /force但我的 PC 已将帐户连接到不同的域,我不知道如果我这样做会发生什么。我的代码仅包含一个简单的WScript.Echo测试目的。我使用测试服务器的活动目录上的 GPO 进行设置。

更新:

重启电脑后,我的新登录脚本仍然不起作用。这是我当前的代码。现在,我通过在 上进行设置使其仅适用于我的帐户Profile

Set oShell = CreateObject("WScript.Shell")
strHomeFolder = oShell.ExpandEnvironmentStrings("%USERPROFILE%")

Set objFSO=CreateObject("Scripting.FileSystemObject")
strLogFile = strHomeFolder & "\Documents\test_logon.txt"

WScript.Echo "strLogFile: ", strLogFile

Set objFile = objFSO.CreateTextFile(strLogFile, True)
objFile.Write "test logon" & vbCrLf
objFile.Close

由于登录脚本仍然无法从 运行Profile,我将其改为直接使用GPO。当我这样做时gpresult /v,它就显示在那里。

当我运行时gpresult /h result.htm,出现错误。

收集管理模板的数据时出现错误。

The following errors were encountered:
Resource '$(string.Advanced_EnableSSL3Fallback)' referenced in attribute displayName could
not be found. File C:\Windows\PolicyDefinitions\inetres.admx, line 795, column 308

这是什么意思?我当前连接的测试服务器是 Windows Server 2012 R2。

这是结果.htm

Group Policy Results
DOMAIN\Emp1
Data collected on: 6/14/2019 4:24:53 PM 
Summary
    Computer Configuration Summary
        No data available.
    User Configuration Summary
        General
            User name   DOMAIN\Emp1
            Domain  DOMAIN.ed
            Last time Group Policy was processed    6/14/2019 3:27:15 PM
        Group Policy Objects
            Applied GPOs
            Name    Link Location   Revision
            Company WallPaper_GPO   DOMAIN.ed   AD (4), Sysvol (4)
            User_Manual_Test_GPO    DOMAIN.ed/IT TEAM   AD (4), Sysvol (4)
            ITTEAM_GPO  DOMAIN.ed/IT TEAM   AD (4), Sysvol (4)
        Denied GPOs
            Name    Link Location   Reason Denied
            Local Group Policy  Local   Empty
            Default Domain Policy   DOMAIN.ed   Empty
        Security Group Membership when Group Policy was applied
            DOMAIN\Domain Users
            Everyone
            BUILTIN\Users
            BUILTIN\Performance Log Users
            NT AUTHORITY\INTERACTIVE
            CONSOLE LOGON
            NT AUTHORITY\Authenticated Users
            NT AUTHORITY\This Organization
            LOCAL
            Authentication authority asserted identity
            Mandatory Label\Medium Mandatory Level
        WMI Filters
            Name    Value   Reference GPO(s)
            None
        Component Status
            Component Name  Status  Last Process Time
            Group Policy Infrastructure Failed  6/14/2019 3:27:33 PM
            Group Policy Infrastructure failed due to the error listed below.

            The network is not present or not started. 

            Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.

            Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 6/14/2019 3:27:15 PM and 6/14/2019 3:27:33 PM.
            Registry    (N/A)   6/4/2019 7:06:55 PM
            Scripts (N/A)   6/14/2019 1:55:16 PM
Computer Configuration
    No data available.
User Configuration
    Policies
        Windows Settings
            Scripts
                Logon
                    Name    Parameters  Last Run    Script Order in GPO Winning GPO
                    testLogon.vbs           Not configured  User_Manual_Test_GPO
    Administrative Templates
        An error has occurred while collecting data for Administrative Templates.

        The following errors were encountered:
        Resource '$(string.Advanced_EnableSSL3Fallback)' referenced in attribute displayName could not be found. File C:\Windows\PolicyDefinitions\inetres.admx, line 795, column 308

我不知道这是否是问题的其他原因,但我当前使用的测试服务器由于某种原因不断崩溃。

今天,6 月 15 日,我重新运行gpresult /h result.htm并在组件状态下收到错误。

由于下列错误,组策略基础结构失败。

指定的域不存在或无法联系。

注意:由于 GP Core 故障,其他组策略组件均未处理其策略。因此,其他组件的状态信息不可用。

可能已记录其他信息。查看控制台中的“策略事件”选项卡或应用程序事件日志中 2019 年 6 月 15 日下午 3:37:44 至 2019 年 6 月 15 日下午 3:37:49 之间的事件。

我应该在哪里查看应用程序事件日志?是在事件查看器中吗?我似乎无法在那里找到“应用程序”事件日志。rsop.msc即使我以管理员身份运行它,似乎也没有查看计算机权限的权限。只需运行它,就会显示我确实拥有在 GPO 上设置的 2 个登录脚本。

这可能是根文件夹权限问题吗?我认为不是。我使用的域用户帐户拥有完全权限。

答案1

尝试写入文件而不是回显到控制台。根据设置方式,它可能在您永远看不到的隐藏会话中运行,或者只是快速完成然后关闭而您错过了它。

不用担心,gpupdate /force不管有没有其他账户,这种情况最终都会发生;它可能已经发生了。每次重启机器时都会发生这种情况。如果策略不更新,您肯定永远不会看到新脚本。

根据更新,您应该查看此部分:

Group Policy Infrastructure failed due to the error listed below.

        The network is not present or not started.

Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.

Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 6/14/2019 3:27:15 PM and 6/14/2019 3:27:33 PM.
Registry    (N/A)   6/4/2019 7:06:55 PM
Scripts (N/A)   6/14/2019 1:55:16 PM

为了可能的解决方案,请尝试以下策略:

Computer Configuration\Administrative Templates\System\Logon\Always wait for the network at computer startup and logon

相关内容