[gptalk] Re: Start-Up Script policy

  • From: "Steve Rochford" <Steve.Rochford@xxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Tue, 4 Mar 2008 13:07:09 -0000

Bit of VBscript from our login script to turn on "auto-detect". This
will run silently. If you want to use regedit then stick /s after it in
your batch file.

 

     dim binArray(1024)

     Const HKEY_CURRENT_USER = &H80000001

     Set objRegistry = GetObject("winmgmts://./root/default:StdRegProv")

     sPath="Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Connections"

     lRC = objRegistry.GetBinaryValue(HKEY_CURRENT_USER, sPath,
"DefaultConnectionSettings", binArray)

     binArray(8)=9

     lRC = objRegistry.SetBinaryValue(HKEY_CURRENT_USER, sPath,
"DefaultConnectionSettings", binArray)

 

As far as I can work out, you just need to sit location 8 (counting from
0) to value 9 to get the "auto-detect settings" checked.

 

Steve

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Shane Williford
Sent: 04 March 2008 12:44
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Start-Up Script policy

 

Enforced per-machine proxy? Well, I set it up in GP, if that's what you
mean. This batch file is something I'm going to have to manually add to
my laptop users' local policy, which stinks, but no other way around it
really. Here's my reg file, Jamie:

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings]

"EnableAutoProxyResultCache"=dword:00000000

"EnableNegotiate"=dword:00000000

"ProxyEnable"=dword:00000000

"AutoConfigURL"=""

"ProxyServer"=""

"ProxyOverride"="<local>"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Connections]

"DefaultConnectionSettings"=hex:3c,00,00,00,1f,00,00,00,01,00,00,00,00,0
0,00,

 
00,00,00,00,00,00,00,00,00,01,00,00,00,1f,00,00,00,68,74,74,70,3a,2f,2f,
31,

 
34,34,2e,31,33,31,2e,32,32,32,2e,31,36,37,2f,77,70,61,64,2e,64,61,74,90,
0e,

 1e,66,d3,88,c5,01,01,00,00,00,8d,a8,4e,9e,00,00,00,00,00,00,00,00

 

It took some real digging to get that last part, which deselects the
Automatic Detect Settings check box (didn't want to disable it, which I
know there's a much shorter entry for that...more of knowledge thing
than a preference or need). You know...I think I placed this bat file in
the Comp Config start-up script area, which won't work because of being
user settings (thanks Steve!). I'll try placing this on the User side
and test it out. And, if anyone knows how to run batches in "silent
mode", please share...thanks.

 

Shane

 

Shane M. Williford

Systems Administrator

MCSE, MCSA Sec, Sec+, Net+, A+

Mazuma Credit Union

shane.williford@xxxxxxxxxx

816-361-4194 x6012

 

________________________________

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Nelson, Jamie R
Sent: Monday, March 03, 2008 3:58 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Start-Up Script policy

 

That should work assuming you have actually enforced per-machine proxy
settings, otherwise you need to run it as a logon script in your local
policy. What do you have in your .reg file? 

 

Jamie Nelson | Systems Engineer | Systems Support, Information
Technology | I N T E G R I S Health | Phone 405.552.0903 | Fax
405.553.5687 | http://www.integrisok.com <http://www.integrisok.com/> 

 

 

________________________________

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Steve Rochford
Sent: Monday, March 03, 2008 3:56 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Start-Up Script policy

 

If this is machine startup then it won't work - proxy settings are user
specific so need to be set by a logon script rather than a startup
script.

 

Not sure if that's going to work as a local policy but I must admit that
I've never tried J

 

Can you use automatic configuration for the proxy - probably easier to
get working

 

Steve

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Shane Williford
Sent: Monday, March 03, 2008 3:33 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Start-Up Script policy

 

I'm pinging a computer on our domain. If the ping succeeds the script
ends; if it fails, I want to run a reg file that disables proxy
settings. I know it didn't run because I checked my proxy settings in IE
and they were enabled. I want them (through my reg file) to be disabled.
This method is how I'm resolving disabling proxy settings for my laptop
users who need to connect to the Internet while not at work.

 

This is the batch file I created:

 

@echo off

 

ping hostcomputer.domain

 

if errorlevel 1 goto disableIEProxy

 

goto done

 

:disableIEProxy

REGEDIT /S "C:\Support\DisableIEProxy.reg"

 

:done

 

I think my problem is that the cmd box is displaying (or wants to). When
I run the batch file by itself, it works, but displays the cmd window. I
can run the reg file silently, but how do I configure the "ping" part of
my file to run silently. Oh, btw, if you haven't figured it out, I'm a
neophyte scripter. J

 

Any assistance in my scripting inabilities is very much welcomed.

 

Thanks guys!

Shane

 

Shane M. Williford

Systems Administrator

MCSE, MCSA Sec, Sec+, Net+, A+

Mazuma Credit Union

shane.williford@xxxxxxxxxx

816-361-4194 x6012

 

________________________________

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Jakob H. Heidelberg
Sent: Monday, March 03, 2008 3:12 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Start-Up Script policy

 

And how about security/share permissions - did you make sure to add
"Authenticated Users" or "Domain Computers" to the NTFS & share
permissions (assuming you are running the script from a network
location).

 

Remember the credentials used are "SYSTEM" - which is the same as
running in "computer context"... Could this be the problem?

 

 

/Jakob H. Heidelberg

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Nelson, Jamie R
Sent: 3. marts 2008 21:39
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Start-Up Script policy

 

How do you know it didn't run? What is the script trying to do?

 

Jamie Nelson | Systems Engineer | Systems Support, Information
Technology | I N T E G R I S Health | Phone 405.552.0903 | Fax
405.553.5687 | http://www.integrisok.com <http://www.integrisok.com/> 

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Shane Williford
Sent: Monday, March 03, 2008 2:36 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Start-Up Script policy

 

Hmm...that's what I thought, but it didn't work. The batch file works,
but it didn't 'run' when I added it as a start-up script in the Local
Security Policy....hmm....back to the drawing board. J

 

Thanks Jamie!

 

________________________________

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Nelson, Jamie R
Sent: Monday, March 03, 2008 2:33 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Start-Up Script policy

 

Should work with any standard executable script (.bat, .cmd, .vbs, etc.)

 

Jamie Nelson | Systems Engineer | Systems Support, Information
Technology | I N T E G R I S Health | Phone 405.552.0903 | Fax
405.553.5687 | http://www.integrisok.com <http://www.integrisok.com/> 

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Shane Williford
Sent: Monday, March 03, 2008 2:24 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Start-Up Script policy

 

I created a start-up script to check if my computers are on the domain
and want to add-it to the Local Policy. Does Start-Up scripting policy
area only work with VBS files? The one I created is a batch file.


Thanks!

 

Shane M. Williford

Systems Administrator

MCSE, MCSA Sec, Sec+, Net+, A+

Mazuma Credit Union

shane.williford@xxxxxxxxxx

816-361-4194 x6012

 

Notice: The information transmitted in this e-mail may contain
confidential and/or legally privileged information intended only for the
use of the individual(s) named above. Review, use, disclosure,
distribution, or forwarding of this information by persons or entities
other than the intended recipient(s) is prohibited by law and may
subject them to criminal or civil liabilities. Statements and opinion
expressed in this e-mail may not represent those of Mazuma Credit Union.
All e-mail communications through Mazuma's corporate email system are
subject to archiving and review by someone other than the recipient. If
you have received this communication in error, please notify the sender
immediately and delete/destroy any and all copies of the original
message from any computer or network system. 

 

________________________________

This e-mail may contain identifiable health information that is subject
to protection under state and federal law. This information is intended
to be for the use of the individual named above. If you are not the
intended recipient, be aware that any disclosure, copying, distribution
or use of the contents of this information is prohibited and may be
punishable by law. If you have received this electronic transmission in
error, please notify us immediately by electronic mail (reply).

Other related posts: