Your script store file structure:
\\mydomain.com\SYSVOL\scripts\posh\ - the base folder for your posh runner
\\mydomain.com\SYSVOL\scripts\posh\supportScripts - contains all of your init scripts
\\mydomain.com\SYSVOL\scripts\posh\domainScripts - contains all of the scripts you want your client to run
Security considerations for Unrestricted execution policy:
1. Set the Unrestricted execution policy in your domain [user settings]
ADM Template: http://www.microsoft.com/downloads/details.aspx?FamilyID=2917a564-dbbc-4da7-82c8-fe08b3ef4e6d&DisplayLang=en
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\PowerShell]
"EnableScripts"=dword:00000001
"ExecutionPolicy"="Unrestricted"
2. Add your script store location as a trusted IE zone [user settings]
-Navigate through User Configuration / Windows Settings / Internet Explorer Maintenance / Security.
-Right-click Security Zones and Content Ratings in the right-hand pane and press Properties.
-Select Import the current security zones and privacy settings. If prompted, press Continue.
-Press Modify Settings.
-Select Trusted Sites and press the Sites button.
-Type the full URL of the site you wish to add and press Add.
In this case the URL is: file://\\mydomain.com\SYSVOL\scripts\posh
\\mydomain.com\SYSVOL\scripts\posh\poshRunner.bat:
%systemroot%\system32\windowspowershell\v1.0\powershell.exe -NoLogo -NoProfile -Noninteractive -Command ".'\\mydomain.com\SYSVOL\scripts\posh\poshRunner.ps1'" %1
\\mydomain.com\SYSVOL\scripts\posh\poshRunner.ps1:
# The script name is the first argument forwarded by poshRunner.bat (%1)
$ScriptToRun = $args[0];
if ( -not [System.String]::IsNullOrEmpty($ScriptToRun) )
{
    Write-Host "Args: " $args;
    # Folder that holds this runner (the base folder of the script store)
    $scriptsPath = split-path $myInvocation.myCommand.Path;
    # define your variables, functions, etc... before running your client script
    . $($scriptsPath + "\supportScripts\Init.ps1");
    . $($scriptsPath + "\supportScripts\Variables.ps1");
    . $($scriptsPath + "\supportScripts\Functions.ps1");
    # Run the requested client script from domainScripts
    & $($scriptsPath + "\domainScripts\" + $ScriptToRun);
}
else
{
    Write-Host "No Args!";
    break;
}
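The runner above executes whatever name it is handed, and with the Unrestricted policy nothing else checks the file. As an added example (not part of the original poshRunner.ps1), the helper below only accepts a bare .ps1 file name that resolves inside domainScripts. The function name Resolve-DomainScript and the -RequireSignature switch are hypothetical, and the signature check assumes your domain scripts are Authenticode-signed.

```powershell
# Added example: hypothetical helper, not from the original runner.
function Resolve-DomainScript
{
    param(
        [string]$ScriptsPath,      # base folder of the script store (folder of poshRunner.ps1)
        [string]$ScriptToRun,      # value passed as the GPO "Script Parameters" field
        [switch]$RequireSignature  # assumption: domain scripts are Authenticode-signed
    )

    # Accept a bare file name only: no drive letter, UNC prefix, slashes or wildcards.
    if ([string]::IsNullOrEmpty($ScriptToRun) -or
        $ScriptToRun -notmatch '^[\w\-. ]+\.ps1\z')
    {
        throw "Rejected script name: '$ScriptToRun'"
    }

    # Normalise both paths so the comparison is done on fully resolved values.
    $root = [System.IO.Path]::GetFullPath((Join-Path $ScriptsPath 'domainScripts'))
    $full = [System.IO.Path]::GetFullPath((Join-Path $root $ScriptToRun))

    # Second check: the resolved path must still sit directly under domainScripts.
    if (-not $full.StartsWith($root + '\', [System.StringComparison]::OrdinalIgnoreCase))
    {
        throw "Script resolves outside domainScripts: $full"
    }

    if (-not (Test-Path $full -PathType Leaf))
    {
        throw "Script not found: $full"
    }

    # Optional: refuse files whose signature is missing, broken or untrusted.
    if ($RequireSignature)
    {
        $sig = Get-AuthenticodeSignature -FilePath $full
        if ($sig.Status -ne 'Valid')
        {
            throw "Signature status is $($sig.Status): $full"
        }
    }

    return $full
}

# In poshRunner.ps1, after dot-sourcing the support scripts, replace the direct call with:
# & (Resolve-DomainScript $scriptsPath $ScriptToRun)
```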
\\mydomain.com\SYSVOL\scripts\posh\domainScripts\PoshWasHere.ps1:
$fname = $env:USERPROFILE + "\poshWasHere.txt";
$stamp = (Get-Date).ToString();
Add-Content $fname $stamp;
Now, in your GPO you can add PS1 logon/logoff scripts:
Script Name:
\\mydomain.com\SYSVOL\scripts\posh\poshRunner.bat
Script Parameters:
PoshWasHere.ps1
Some script wackiness: http://www.hanselman.com/blog/CommentView.aspx?guid=6a30d72b-4c9d-4141-b44d-9b074caa833f