This is something of a scripting question, but regarding a script I would like to include in a package. I am currently working on packaging an auditing tool for 100+ remote employees. One of the customer's requirements is a backup of the auditing files everytime the user logs off their laptop, whether they are connected to the domain or not. This is due to the time consuming nature of re-entering the info if the laptop crashes (3 hours for some).

So I have the package more or less built. I wrote a quick VBScript called Backup.vbs that essentially copies the audit files to a thumb drive that is hard-coded to use drive letter z:\. The script keeps 3 generations of files, to minimize the chance of corruption. I have confirmed the backup script itself works, and when I manually create a Logoff script with GPedit.msc and point to this backup script, it executes perfectly.

The problem comes into incorporating this into my package. I took a snapshot of all registry entries generated when I create the policy manually, and wrote another VBScript to add these upon install (see below). I confirmed that the script installs the registry entries, and can see the message "running logoff scripts" when logging off, but the backup script never executes. Most annoying of all, if I open GPEdit.msc, go to User Config>Windows Settings>Scripts>Logoff, and hit refresh, it then begins working! There must be some minute detail I am missing. Has anyone ever done this successfully, or have any thoughts? I'm getting close to offering a reward on this one.

<Start Script>
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."

Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")

strKeyPath1 = "Software\Policies\Microsoft\Windows"
strKeyPath2 = "Software\Policies\Microsoft\Windows\System"
strKeyPath3 = "Software\Policies\Microsoft\Windows\System\Scripts"
strKeyPath4 = "Software\Policies\Microsoft\Windows\System\Scripts\Logoff"
strKeyPath5 = "Software\Policies\Microsoft\Windows\System\Scripts\Logoff\0"
strKeyPath6 = "Software\Policies\Microsoft\Windows\System\Scripts\Logoff\0\0"
strValueName1 = "DisplayName"
strValueName2 = "FileSysPath"
strValueName3 = "GPO-ID"
strValueName4 = "GPOName"
strValueName5 = "SOM-ID"
strValueName6 = "Parameters"
strValueName7 = "Script"

strValue1 = "Local Group Policy"
strValue2 = "C:\Windows\System32\GroupPolicy\User"
strValue3 = "LocalGPO"
strValue4 = "Local Group Policy"
strValue5 = "Local"
strValue6 = ""
strValue7 = "Backup.vbs"

oReg.CreateKey HKEY_CURRENT_USER,strKeyPath3
oReg.CreateKey HKEY_CURRENT_USER,strKeyPath4
oReg.CreateKey HKEY_CURRENT_USER,strKeyPath5
oReg.CreateKey HKEY_CURRENT_USER,strKeyPath6
oReg.SetStringValue HKEY_Current_USER,strKeyPath5,strValueName1,strValue1
oReg.SetStringValue HKEY_Current_USER,strKeyPath5,strValueName2,strValue2
oReg.SetStringValue HKEY_Current_USER,strKeyPath5,strValueName3,strValue3
oReg.SetStringValue HKEY_Current_USER,strKeyPath5,strValueName4,strValue4
oReg.SetStringValue HKEY_Current_USER,strKeyPath5,strValueName5,strValue5
oReg.SetStringValue HKEY_Current_USER,strKeyPath6,strValueName6,strValue6
oReg.SetStringValue HKEY_Current_USER,strKeyPath6,strValueName7,strValue7
<End Script>
0 Comments   [ - ] Hide Comments


Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity


methinks you need to rethink what you're doing, and how you're doing it. To be honest, this looks like a horrible mess. "Auditing Tool"? This is part of the operating system. You, the administrator, can build into the operating system what you want audited, down to a fine level of detail.
Answered 02/20/2009 by: aogilmor
Ninth Degree Black Belt

Please log in to comment
Sorry, perhaps I did not explain well enough. The auditing tool is the application I am repackaging. In this case, an Insurance Claims Examiner goes out to a business site and audits that site for worker's compensation safety. The Examiner then uses the audit application to enter the data and present a hard copy of the audit to the insured. This audit finding greatly affects the premium the insured pays.

You are correct in that this is not the ideal situation. I would much prefer to create an A.D. security group, add the users of the application to this group, and then set a logoff script policy on the group. However, as the users are not always on the domain, and domain policies are not cached, this is not ideal. A local policy is the only option I am aware of in order to meet the needs of the customer (namely, that the audit file is backed up at every logoff).

Thanks for the response, though.
Answered 02/20/2009 by: JLogan3o13
Yellow Belt

Please log in to comment
I you insist on using this method, what happens if you run a gpupdate after the script/ at the end of the script?
Answered 02/20/2009 by: pgiesbergen
Orange Belt

Please log in to comment
OK I understand, so there is one file you have to have backed up before logoff and these are the actual reg keys where the policy is applied. I still think you should probably use something like secedit and have a consistent network drive to back up to.
Answered 02/20/2009 by: aogilmor
Ninth Degree Black Belt

Please log in to comment