Re: GPRESULT not working from remote computer
- From: "Darren Mar-Elia" <dmanonymous@xxxxxxxxxxxxx>
- Date: Wed, 22 Aug 2007 08:57:05 -0700
What you've found is a quirk in the way gpresult works. Even if you are only interested in collecting RSOP data for the remote computer, the tool looks for RSOP data for your current user account that you're using to run the command on that remote machine, and bails out if it doesn't find it (meaning you've never logged on interactively with that account on that remote machine). So, in order to get this to work, you need to specify a user account on the /USER option that you know has always logged into the remote system. Or, I suppose you could also just ignore using the /USER option but rather always run your script in the context of a user who has always logged into those remote systems. The other alternative is to use GPMC scripting to accomplish this, instead of gpresult.
--
Darren Mar-Elia
MS-MVP-Windows Server--Group Policy
Script Group Policy Settings with the GPExpert Scripting Toolkit for PowerShell!
Find out more at http://www.sdmsoftware.com/products2.php
Visit the GPOGUY: http://www.gpoguy.com -- The Windows Group Policy Information Hub:
FAQs, Training Videos, Whitepapers and Utilities for all things Group
Policy-related
"Jos Rossiau" <JosRossiau@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:E63EBE7E-07F5-4F72-BEAA-5487BB207C57@xxxxxxxxxxxxxxxx
Hello,
I have written a little script that checks and reports what group policies
have been applied to a number of servers.
In short the scripts runs the following command foreach of the servers:
gpresult /S <servername> /U <domain\userid /> /P <password> /SCOPE COMPUTER
/USER <domain\userid>
When I run the script (or gpresult manually) I get the error message:
INFO: The user "domain\userid" does not have RSOP data.
When I log on locally or via RDP to this server I can run gpresult.
When I log off and rerun the script, the server I have logged on to is
succesful, but the other servers I have not yet logged on to are not.
I figured this would be caused by a lack of a userprofile on the local
computer, so I embeded a psexec -e (the one that creates a profile, not the
newest that avoids creating a profile on the remote computer) command in the
script to create a userprofile on the remote computer before running gpresult
on it.
This did however not work, a userprofile directory was created, but that was
not adequate for gpresult to work correctly. The only difference with loging
on locally or via RDP was that the user did not get its own registrykey under
HKEY_USERS.
It looks like gpresult wants to check the HKEY_USERS\<SID of user> to check
for user gpo's applied.
Although I only want to check computer policies, the lack of possiblity to
check user policies for the user is stopping me.
Does anyone know how I can have the userprofile load correctly, including
creating the HKEY_USERS\usersid key from a commandline (preferably remote)?
Is there any other way of getting the same info as gpresult /S <servername>
/SCOPE COMPUTER ?
Any help would be appreciated, instead of having to log on interactively at
all my servers.
Greetings,
Jos Rossiau
.
- Follow-Ups:
- Re: GPRESULT not working from remote computer
- From: Jos Rossiau
- Re: GPRESULT not working from remote computer
- Prev by Date: Re: GPRESULT not working from remote computer
- Next by Date: Re: Several questions in Deploying software with GP
- Previous by thread: Re: GPRESULT not working from remote computer
- Next by thread: Re: GPRESULT not working from remote computer
- Index(es):
Relevant Pages
|
