Registered: 2003-08-29
Posts: 27
Loc: Emeryville, CA
Hi everyone, I am having a few problems with my login scripts. I am trying to force an install of Symantec Anti-Virus on machines that do not already have it installed. I am using Symantec's provided vplogon.bat, but the shell function is not running. I am also getting errors in Application Event Logs on my machine when I login. The errors are: The description for Event ID ( 1722 ) in Source ( KIXTART ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: UserGetLocalGroups failed Error : The RPC server is unavailable. (0x6ba/1722).
The description for Event ID ( 1332 ) in Source ( KIXTART ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: GetPrimaryGroup failed Error : No mapping between account names and security IDs was done. (0x534/1332).
The description for Event ID ( 1332 ) in Source ( KIXTART ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: GetPG: LookupAccountSid failed Error : No mapping between account names and security IDs was done. (0x534/1332).
The description for Event ID ( 53 ) in Source ( KIXTART ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: UserModalsGet failed Error : The network path was not found. (0x35/53).
The description for Event ID ( 53 ) in Source ( KIXTART ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: UserGetInfo failed Error : The network path was not found. (0x35/53).
Here is the script (The Anti-Virus is towards the bottom).
;************************************************************************* ; Script Name: Logon.bat ; Author: Aaron Perrault ; Date: 11/16/2005 ; Description: Logon Script for EVault Corp. ;************************************************************************* ; Small Color b+/n Box (0,0,24,90,GRID) ; 'background grid' Color b/n Box (8,21,18,71,Å) ; 'shadow' of the box Color g+/n Box (7,20,17,70,FULL) ; Color w+/n AT ( 9,25) "Userid : " ; display some text strings AT (10,25) "Full name : " AT (11,25) "Privilege : " AT (12,25) "Workstation : " AT (13,25) "Domain : " AT (14,25) "Logon Server : " AT (15,25) "Operating System : " ; Color y+/n AT ( 9,45) @userid ; ...and some macro's AT (10,45) @fullname AT (11,45) @priv AT (12,45) @wksta AT (13,45) @domain AT (14,45) @lserver AT (15,45) @ProductType ; ;Drive Mapping Section: ; Use J: "\\ev-fps\public" ; If (InGroup ("GRP-Accounting-Main") OR InGroup ("Grp-Finance") OR InGroup ("Domain Admins")) Use g: "\\ev-fps\accounting$" EndIf ; If (InGroup ("GRP-Alliance") OR InGroup ("alliance") OR InGroup ("Domain Admins")) Use H: "\\ef-fps\alliance$" EndIf ; If (InGroup ("GRP-Business Development") OR InGroup ("Domain Admins")) Use K: "\\ev-fps\busdev$" EndIf ; If (InGroup ("GRP-Contract") OR InGroup ("GRP-Contracts-Read Only") OR InGroup ("Domain Admins")) Use L: "\\ev-fps\contracts$" EndIf ; If (InGroup ("GRP-Marketing") OR InGroup ("GRP-Marketing Bus Dev") OR InGroup ("Marketing") OR InGroup ("Domain Admins")) Use M: "\\ev-fps\marketing$" EndIf ; If (InGroup ("GRP-ExecAdmin") OR InGroup ("GRP-General Exec Administration") OR InGroup ("Domain Admins")) Use N: "\\ev-fps\ExecAdmin$" EndIf ; If (InGroup ("GRP-Operations") OR InGroup ("Domain Admins")) Use O: "\\ev-fps\Operations" EndIf ; If (InGroup ("GRP-License") OR InGroup ("GRP-General Exec Administration") OR InGroup ("Domain Admins")) Use W: "\\ev-fanda\license$" EndIf ; If (InGroup ("GRP-Human Resources") OR InGroup ("GRP-Human Resources-Read Only") OR InGroup ("Domain Admins")) Use Q: "\\ev-fps\hr$" EndIf ; If (InGroup ("GRP-Europe") OR InGroup ("Domain Admins")) Use R: "\\ev-fps\europe$" EndIf ; If (InGroup ("GRP-PreSales") OR InGroup ("GRP-Direct Sales") OR InGroup ("GRP-Sales") OR InGroup ("GRP-Teleprospecting") OR InGroup ("GRP-Teleprospecting Restricted") OR InGroup ("sbe.sales") OR InGroup ("sbe-support") OR InGroup ("Domain Admins")) Use s: "\\ev-fps\Sales$" EndIf ; If (InGroup ("GRP-Product Development") OR InGroup ("Domain Admins")) Use T: "\\ev-fps\ProdDev$" EndIf ; If (InGroup ("GRP-Emeryville Engineering") OR InGroup ("Domain Admins")) Use U: "\\ev-fps\EE$" EndIf ; If (InGroup ("GRP-Commissions") OR InGroup ("Domain Admins")) Use V: "\\ev-fps\commissions$" EndIf ; If (InGroup ("GRP-Evault Admin") OR InGroup ("Domain Admins")) Use Y: "\\ev-fps\EvVault$" EndIf ; If (InGroup ("GRP-Evault-Solutions") OR InGroup ("Domain Admins")) Use W: "\\ev-fps\solutions$" EndIf ;
#153965 - 2005-12-2303:46 AMRe: Couple of problems with login script
NTDOCNTDOC Administrator
Registered: 2000-07-28
Posts: 11624
Loc: CA
You can ignore the errors in the Event viewer for KiXtart as those are normal due to how calls are made. There is a DLL file you could install from Tripoli if wanted but just ignore for now.
1. What version of KiXtart are you using? 2. Is the Domain NT4 or Active Directory? 3. Are the workstations all NT and above ? 4. Do your clients have local admin rights on their systems?
As Jens pointed out there are a few commands that can not be run by users unless they have local admin rights.
Before I make too many suggestions please answer the above questions.
Thanks
I'd do away with the vplogon.bat file myself and use anothe method which we can discuss once we know more about your environment.
Registered: 2003-08-29
Posts: 27
Loc: Emeryville, CA
OK, let me answer all of the questions.
I am running the most recent version of Kix32. I downloaded it about 2 months ago. We are in a Windows 2003 Native Active Directory. All of my machines are Windows XP Pro, and my users do have Administrative Privs.
AS for what Les was talking about. I dont believe that I have any WINS or GC errors, or at least nothing else in my environment is reporting any problems. my MOM is not reporting any problems.
Any help is appreciated. Thanks guys for all this help.
Registered: 2003-08-29
Posts: 27
Loc: Emeryville, CA
I know that MOM is a poor comparison. I also know about the parens. I actually was thinking about that on the way home. I posted the message shortly before I left for the day, and as I was driving home, I said to myself. I think the guys in the forum are going to be pissed, because the made suggestions last time, and I dont think I took all of them. I havent gotten around to this, we had other fires to put out, and since this is a quiet week, I figured that I would finally finish this project.
Any help would be greatly appreciated (and implimented)
I dropped Symantec years ago so I don't know how much it may have changed but back in teh early years when I did use it, I had to rewrite the functionality of vplogon.bat in KiX rather than SHELL to it. That was back in the Wintendo years. After we dumped the Wintendos, I dropped having it in the logon script altogether. The SSC is quite capable of pushing out SAV.
There is also no need for SetTime. AD and the Windows Time Service takes care of that.
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Registered: 2003-08-29
Posts: 27
Loc: Emeryville, CA
Thanks for the help Doc. I know that the file is not logon.bat. Originally I was going to re-write the logon.bat file that the previous admin put together, but I decided against it and went with Kix. I have some questions about the UDFs. I do not really understand how they work. Do I just put them in the script and they work? Do I need any additional files in my scripts folder? I have not been able to locate any info on using the silent install switches for the Symantec install on version 10. I know that they used to have it in version 7 and 8, but someone mentioned that there are problems with running the MSI directly in version 10, but I havent done a lot of in depth research yet on that.
I will let you guys know if I have more questions. Thanks much for the help and have a Merry Christmas, Happy Holidays etc.
#153979 - 2005-12-2307:13 PMRe: Couple of problems with login script
NTDOCNTDOC Administrator
Registered: 2000-07-28
Posts: 11624
Loc: CA
Sorry Maciep missed that one.
Aaron the SAV10 has install switches as well.
Here is an example of installing SAV10 without any cancel buttons. The user can see it installing, but can't stop it. Then it reboots the computer when done.
Registered: 2003-08-29
Posts: 27
Loc: Emeryville, CA
Hey guys, thanks for all the help. I am almost there. I am getting ready to leave for the long weekend. I will work more with this on Tuesday. Thanks for everything. All that i need to do know is look in the registry to see if SAV is already installed or not.
