| | | | | | | |

  Terminal Services
 

Popular Search Engines

Google.com

Yahoo.com

MSN.com

Certificate Authorities

VeriSign

GeoTrust

Thawte
 
 

Logon Script Methodology for Terminal Services/Server

Introduction: Using Logon scripts will greatly automate simple tasks for your userbase during login to Terminal Services and Citrix Servers. Such as..

Map drives to shared resources
Map Network Printers
User Menuing
Configure User Environment
Inventory

Scripting Languages: Logon Scripts can be scripted using one of several scripting languages, such as

DOS Batch .bat or .cmd file extentions
Windows Scripting Host (.js, vbs, or .wsf) file extentions
Kixtart scripting using .kix file extention.
Perl
Python
JScript

Some of these scripting languages are more difficult to learn than others, DOS batch is likely the easiest to learn, where JScript is more difficult. Weather your a scripting master or beginner keep in mind that

(Designing an efficient Enterprise Wide Administrative Model that conforms to Standards are key in building an effective Enterprise logon script, that will be easy to manage and support.)

Over the years I have learned that finding a happy medium works best for me. The Kixtart scripting language is my choice for building logon scripts. It's fast and easy to learn, and provides a good measure of scripting power.

NT 4.0 Domain: logon scripts are stored on the Primary Domain controller in the "c:\winnt\system32\repl\import\scripts" directory, otherwise known as the "NetLogon" share.

And are replicated out to all Backup Domain Controllers in the domain. Replication must be setup manually using the SRVMGR.EXE utility.

Active Directory 2000 and 2003 Domains: logon scripts are stored in the "Netlogon" share and auto-replicated to all Domain Controllers in the "c:\WINNT\SYSVOL\sysvol\(Domain)\scripts" directory.

Logon script integration with Terminal Server/MetaFrame is the focus of this article. Here is an example of a DOS Batch and Kixtart logon script that includes logic to determine if someone is logging onto a Citrix Server or a Desktop PC.

Logon.bat - Click to Show Logon Script

Logon.bat script is launched from the "NetLogon" share. And is just a dos batch file, that contains logic to determine if a user is logging into a desktop PC or Terminal Server. It then branches off to execute the Terminal Server logon script or the PC desktop logon script. This is because the PC desktop logon script is different than the Terminal Server logon script. The Logon.bat also xcopies the Terminal Server logon script (termserv.kix) and the kixtart executable (kix32.exe) to the Terminal Server c:\kixtart directory along with the other kixtart scripts to be launched that also perform work. The xcopy provides version control, so files will ONLY be copied to the c:\kixtart location if they are older than the versions on the "netlogon" share. The goal here is to run the kixtart scripting engine and scripts locally on the Terminal Server during logon. This method will run comparably faster from the local (c:\kixtart) drive of the Terminal server over the netlogon share. Try it, and you decide

The logon.bat script follows this logic:

  • Determines if you are logging onto a Citrix Server or PC, if yes to Citrix then it

  • Copies Kix32.exe down to the c:\kixtart\ if it does not exist, or is an older version.

  • Copies termserv.kix and mapdrive.kix to c:\kixtart if they do not exist, or are older versions.

  • It then runs the termserv.kix from the c:\kixtart\termserv.kix location.

    termserv.kix Script  Performs global functions and calls other scripts to perform work.

    mapdrives.kix Script  is called from the termserv.kix script and maps drives based on Domain group membership. This is just a sample script. Although I have used this scipting method with over one hundred drive mappings based on group membership, and it still ran super fast. It too is xcopied down from the netlogon share to the c:\kixtart directory and launched.

    Creating an Enterprise Menu with Scripting based on group membership:

    menu.kix Script  This script is called from the termserv.kix and is located on the "NetLogon" share. This is a simple and powerful way to implement your own integrated menuing system. It uses simple shortcuts placed up on the netlogon share, and are copied down to the Current User profile each time you logon, only if you are in the active directory application group will you receive the Start Menu shortcut. This Menu is centralized and easy to manage, and it's faster than you can imagine. The sample script above has been greatly reduced in size, the original script has over 500 lines, and it runs very fast.

    Here is the original Menu script for your reference, it ran everytime someone logged in to the domain and performed the work of setting up the menu in the start menu, creating a "Shared Programs" flyout.

    Key Note:   If you wish to chisel down the user logon time just a little, all you have to do is locate the kixtart scripting engine and scripts on the local c:\ drive of the MetaFrame Servers and launch them from there. You can place logic in the logon script to xcopy the scripts down to the local drive during the logon process and auto update via version control. This way you keep centralized mamagement of all logon scripts, and provides faster logon times for the clients. Especially if you have a large userbase.

    This methodology has worked very sucessfully in large corporate enterprise environments with the userbase in the thousands.

    More scripting resources





    		•