I have seen many posts on this website about something similar but none of them have had the resources to fix my issue so I will go into as much detail as I can. If I leave any information out let me know.
We have a server with an exe file on it to start an update for a software called Bluebeam. I wrote a script file to start that exe on startup and placed it in the same directory as the exe. Nothing happened when I did that, I would start up a computer that I know has delegation and run gpupdate /force to get it going and restart the computer, nothing happens. I then made it so when there was a user logon it would do the same. Same result. I made sure "enforced" was enabled, I enabled "always wait for the network at computer startup and logon," and finally I also enabled "configure scripts policy processing"
None of those helped. I looked into the script files again and I noticed that when I clicked "show files" under my GPO, the script I wanted wasn't there. So I added it manually and forced the update again, nothing.
I am only running this under a test environment right now so I am not pushing this to my domain controllers, servers, or really any users. I am pushing this to 2 different computers right now and they are not working.
I will show you photos of everything I have and if you all have any questions let me know.
Image showing GPs on the test environment
delegation to a computer called dantest, the one I am trying this with
Best Answer
Forget about the Startup Script in "Computer Configuration" because the script you set there is executed by the System even before anyone is logged in.
This is typically not interactive (you can add scripts to cleanup certain directories, or configure something on the computer, but you can't start an end-user application here, the app will not show but may be running in the background).
Well, you configured the Logon Script in "User Configuration" too, that's better because the scripts here are executed in the user's context, however, since Windows 8.1 the Logon Scripts don't run for five minutes after a user logs on. This is by design to speed up the loading of the user's desktop. However you can change that:
But, still, this is not the preferred way of achieving what you want, as Microsoft says:
you are out of scope because you don't want to "perform various maintenance and mangement tasks" with your use case.
I recommend you to deploy a Run Registry Key instead. You can still deploy that with Group Policy:
If you want to deploy this on a Computer (so that it applies to everyone logging in on the computer), then, in your GPO, go to Computer Configuration -> Preferences (not "Policies") -> Windows Settings -> Registry -> New Registry Item, and create a new REG_SZ value under the path shown in the documentation (
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run), give it a meaningful Value name, and set the Value data to be the path of the executable on the computer.If you want to deploy this setting on a per-user basis, then use the same method but on User Configuration instead of Computer Configuration (and
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runinstead of HKLM).Don't forget to link the Group Policy on an O.U containing your Users if you are using User Configuration, or on a Computer O.U if you are using Computer Configuration (same for the Delegation rights, add users if you are working with User Configuration or Computers if you are working with Computer Configuration)