« Previous 1 2 3
Integrating scripts into Group Policy
Preprogrammed
Group Policy Log Troubleshooting
If group policies are not applied correctly on individual machines, you can troubleshoot with the free Microsoft Group Policy Log View [3] tool (Figure 4). This is especially true if scripts are not executed correctly. You can also combine the tool with group policies. Install the software on a computer you want to analyze; then, open a command line with administrator rights and change to the directory where you installed the tool. To monitor group policies, type the command:
> gplogview -o gpevents.txt
The tool analyzes all Group Policy entries and displays a text file in the directory where Group Policy errors are collected. You can also store Group Policy Log View in a logon script. It will then run on any machine that uses the logon script and give you central information about all the machines on the network that use this policy.
If you save the file with the evaluation result in a share in the logon script that you control using Group Policy, you can specifically monitor the use of the policy on multiple computers. In this case, you not only save the evaluation file in the network, but also enter the name of the evaluated computer. To do this, use the command:
> Gplogview -o \\<Server>\<Release>\%computername%-gpevent.txt
You can also create an HTML file as a report. In this case, the syntax is:
> Gplogview -h -o \\<Server>\<Release>\%computername%-gpevent.html
Remote Computers at a Glance
Administrators who remotely maintain multiple servers or networked computers often lack information about currently connected computers, such as the IP address, drive information, computer name, boot time, and more. If a user's computer needs remote maintenance, it is also helpful if they can see the name of their computer, IP address, and other information at a glance on their desktop. In many cases, administrators will find it extremely helpful if useful information can be displayed on the remote computer's desktop, without that information interfering with normal operation.
A helpful tool for this purpose is BGInfo [4] by Sysinternals (Figure 5). BGInfo can display information in different font sizes, colors, and other formats on the desktop. If you run the script as a logon script, the information is updated each time it is executed. In addition to predefined fields, you can also create your own queries and display information.
This display can be preconfigured, saved as a configuration file, and distributed to computers on the network with a script or Group Policy. The tool does not consume any system resources, but it creates a new desktop background image from the desired information at startup and then exits again. Therefore, the tool is not started during operation.
After starting BGInfo, you can configure which data you want to display in the future and save it as a configuration file. The Fields selection box shows the data you can include in the background image. Click on a field and then on <-Add to include it. Click the Custom button to define your own fields by starting a new query with New . In the new window, you are able to query environment variables, a registry value, a WMI query, or file data. However, in most cases, this is not necessary, because the standard fields already cover a lot of information.
Of course, it does not make sense to create a configuration file repeatedly or to make an individual file for each computer. For this reason, BGInfo lets you save the selected data as a BGI file with File | Save As . Then, you can start BGInfo so that it accepts this file as your configuration file and displays the selected data. To do this, simply start BGInfo with the command:
> BGInfo <name_of_the_BGI_file> /timer:0
If you do not specify a configuration file, BGInfo uses the default configuration information stored in the registry in the HKEY_CURRENT_USER\Software\Winternals\BGInfo
path.
The /timer:0
option means that the BGInfo configuration window does not appear, but the information is accepted immediately. You can include this command in a logon script and capture data, such as your computer's logon time or boot time. Of course, these times are only up to date if you let BGInfo start with every boot process or every login. BGInfo does not update itself dynamically; it always uses the data it finds at startup.
After creating the new background image, BGInfo terminates again. In addition to scripts, BGInfo can also be continuously updated with task scheduling in Windows during system startup and operation. However, this only makes sense if you also display fields whose information changes during operation. In addition to the /timer
option, BGInfo offers these options:
/popup
: Displays a pop-up window containing the information. This can be closed by users./taskbar
: Displays an icon in the taskbar's notification area next to the clock. If users click on the icon, the desired information appears exactly as in the/popup
option./all
: Changes the data for all currently logged on users (e.g., on terminal servers). In this way, all logged on users receive the new background image./log
: Creates a logfile about the execution that includes errors. This option is useful if you want the tool to be started frequently during operation using the task scheduler./rtf
: Creates an RTF file that also contains the formatting and color for logging.
Conclusions
Microsoft allows logon scripts to be integrated into Group Policy on Windows 10 and Windows Server 2016, as well, which can facilitate many repetitive tasks. The scripts can be integrated flexibly in a myriad of ways, which opens up extensive possibilities for administrators. If you encounter any problems, the integration of additional tools for problem solving or analysis can help.
Infos
- KiXtart: http://www.kixtart.org
- AutoIt: https://www.autoitscript.com/site/
- Group Policy Log View: https://www.microsoft.com/en-us/download/details.aspx?id=11147
- BGInfo: https://docs.microsoft.com/en-us/sysinternals/downloads/bginfo
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)