I have a vbscript that I would like to run at startup without logging into
the machine. I added it to Local Computer Policy\Computer
Configuration\Windows Settings\Scripts (Startup/Shutdown).

The script renames the machine and reboots, then it will join a domain and
shut down. I would like the script to run interactively as it needs user
credentials to join the domain.



When Windows starts, it shows that it is running the startup scripts but it
gets stuck there and it does not display anything. I redirected the output
of the script to a text file and I can see that it was asking for user
credentials.

So my question is how do I force the startup script to run in an interactive
mode?

I appreciate any help. Thank you!

"doggah" <someone@xxxxxx> wrote in message
news:uiuWn%23YxIHA.1980@xxxxxx

>I have a vbscript that I would like to run at startup without logging into
>the machine. I added it to Local Computer Policy\Computer
>Configuration\Windows Settings\Scripts (Startup/Shutdown).
>
> The script renames the machine and reboots, then it will join a domain and
> shut down. I would like the script to run interactively as it needs user
> credentials to join the domain.
>
> When Windows starts, it shows that it is running the startup scripts but
> it gets stuck there and it does not display anything. I redirected the
> output of the script to a text file and I can see that it was asking for
> user credentials.
>
> So my question is how do I force the startup script to run in an
> interactive mode?

You cannot. Startup scripts run after the computer authenticates to the
domain but before any user has logged on. A startup script cannot prompt for
information because there is no user. You could hard code credentials in the
script, but that has obvious security problems.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

Thanks for your reply.

I am sorry if I was not clear. The script ran and I was able to see the
redirected output, however I cannot see a command prompt window where I have
to provide input. It was stuck at that point and I had to restart the
machine in Safe Mode to remove the script from startup.

The machine is not on the domain. I am trying to avoid authenticating twice
locally everytime the script is used (I am going to use it on several
hundreds of machines). I though that startup scripts use the LocalSystem
account to run.

Thanks again.


"Richard Mueller [MVP]" <rlmueller-nospam@xxxxxx> wrote in
message news:O6B95kZxIHA.4564@xxxxxx

>
> "doggah" <someone@xxxxxx> wrote in message
> news:uiuWn%23YxIHA.1980@xxxxxx

>>I have a vbscript that I would like to run at startup without logging into
>>the machine. I added it to Local Computer Policy\Computer
>>Configuration\Windows Settings\Scripts (Startup/Shutdown).
>>
>> The script renames the machine and reboots, then it will join a domain
>> and shut down. I would like the script to run interactively as it needs
>> user credentials to join the domain.
>>
>> When Windows starts, it shows that it is running the startup scripts but
>> it gets stuck there and it does not display anything. I redirected the
>> output of the script to a text file and I can see that it was asking for
>> user credentials.
>>
>> So my question is how do I force the startup script to run in an
>> interactive mode?

>
>
> You cannot. Startup scripts run after the computer authenticates to the
> domain but before any user has logged on. A startup script cannot prompt
> for information because there is no user. You could hard code credentials
> in the script, but that has obvious security problems.
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab - http://www.rlmueller.net
> --
>
>

I was able to call the script using wscript instead of cscript, however I
have to modify it as some of the methods are not supported with WMI.

I would still like to have a command-prompt-like-window but I cannot figure
this out yet.


"doggah" <someone@xxxxxx> wrote in message
news:uiuWn%23YxIHA.1980@xxxxxx

>I have a vbscript that I would like to run at startup without logging into
>the machine. I added it to Local Computer Policy\Computer
>Configuration\Windows Settings\Scripts (Startup/Shutdown).
>
> The script renames the machine and reboots, then it will join a domain and
> shut down. I would like the script to run interactively as it needs user
> credentials to join the domain.
>
> When Windows starts, it shows that it is running the startup scripts but
> it gets stuck there and it does not display anything. I redirected the
> output of the script to a text file and I can see that it was asking for
> user credentials.
>
> So my question is how do I force the startup script to run in an
> interactive mode?
>
> I appreciate any help. Thank you!
>
>

"doggah" <someone@xxxxxx> wrote in message
news:%23ncSb$ZxIHA.4912@xxxxxx

> Thanks for your reply.
>
> I am sorry if I was not clear. The script ran and I was able to see the
> redirected output, however I cannot see a command prompt window where I
> have to provide input. It was stuck at that point and I had to restart the
> machine in Safe Mode to remove the script from startup.
>
> The machine is not on the domain. I am trying to avoid authenticating
> twice locally everytime the script is used (I am going to use it on
> several hundreds of machines). I though that startup scripts use the
> LocalSystem account to run.
>
> Thanks again.

Yes, Startup scripts run with credentials of the local System on the local
computer, and the credentials of the computer object elsewhere in the
domain. But there is no user, so you cannot prompt for information.

I run a VBScript program to join a domain, but I run it as administrator on
the machine after I logon. The script has the credentials hard coded. When I
reboot I can logon to the domain. I don't know if this would work in a
Startup script. The script I use follows:
==============
' JoinDomain.vbs
' VBScript program to join a computer to a domain.
' The computer account is created in Active Directory.
' The computer must have XP or above.
' The AD must be W2k3 or above.
' See c:\Windows\debug\NetSetup.log for details.

Option Explicit

Dim strDomain, strUser, strPassword
Dim objNetwork, strComputer, objComputer, lngReturnValue
Dim strOU

Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144

strDomain = "MyDomain"
strPassword = "xYz$312#q"
strUser = "administrator"
strOU = "ou=Computers,ou=Sales,dc=MyDomain,dc=com"

Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName

Set objComputer = GetObject("winmgmts:" _
& "{impersonationLevel=Impersonate,authenticationLevel=Pkt}!\\" & _
strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
strComputer & "'")

lngReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
strPassword, strDomain & "\" & strUser, strOU, _
JOIN_DOMAIN + ACCT_CREATE)

Wscript.Echo "ReturnValue = " & CStr(lngReturnValue)
=====
Code I've seen for renaming a computer is similar. See this link:

http://www.microsoft.com/technet/scr.../cptrvb14.mspx

I don't know how this would work in a Startup script that runs with only the
credentials of the computer object. You may be able to use the SWbemLocator
object, which allows you to specify alternate credentials. See this link:

http://www.microsoft.com/technet/scr..._wmi_ciga.mspx

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

I know that the script is running in the background. I just need to see a
window where I can provide input. I have seen the same script before and I
am reinventing the wheel.

I was successful with it if I use wscript instead of cscript but with
wscript I cannot mask the password.


"Richard Mueller [MVP]" <rlmueller-nospam@xxxxxx> wrote in
message news:OYKVuxaxIHA.4876@xxxxxx

>
> "doggah" <someone@xxxxxx> wrote in message
> news:%23ncSb$ZxIHA.4912@xxxxxx

>> Thanks for your reply.
>>
>> I am sorry if I was not clear. The script ran and I was able to see the
>> redirected output, however I cannot see a command prompt window where I
>> have to provide input. It was stuck at that point and I had to restart
>> the machine in Safe Mode to remove the script from startup.
>>
>> The machine is not on the domain. I am trying to avoid authenticating
>> twice locally everytime the script is used (I am going to use it on
>> several hundreds of machines). I though that startup scripts use the
>> LocalSystem account to run.
>>
>> Thanks again.

>
> Yes, Startup scripts run with credentials of the local System on the local
> computer, and the credentials of the computer object elsewhere in the
> domain. But there is no user, so you cannot prompt for information.
>
> I run a VBScript program to join a domain, but I run it as administrator
> on the machine after I logon. The script has the credentials hard coded.
> When I reboot I can logon to the domain. I don't know if this would work
> in a Startup script. The script I use follows:
> ==============
> ' JoinDomain.vbs
> ' VBScript program to join a computer to a domain.
> ' The computer account is created in Active Directory.
> ' The computer must have XP or above.
> ' The AD must be W2k3 or above.
> ' See c:\Windows\debug\NetSetup.log for details.
>
> Option Explicit
>
> Dim strDomain, strUser, strPassword
> Dim objNetwork, strComputer, objComputer, lngReturnValue
> Dim strOU
>
> Const JOIN_DOMAIN = 1
> Const ACCT_CREATE = 2
> Const ACCT_DELETE = 4
> Const WIN9X_UPGRADE = 16
> Const DOMAIN_JOIN_IF_JOINED = 32
> Const JOIN_UNSECURE = 64
> Const MACHINE_PASSWORD_PASSED = 128
> Const DEFERRED_SPN_SET = 256
> Const INSTALL_INVOCATION = 262144
>
> strDomain = "MyDomain"
> strPassword = "xYz$312#q"
> strUser = "administrator"
> strOU = "ou=Computers,ou=Sales,dc=MyDomain,dc=com"
>
> Set objNetwork = CreateObject("WScript.Network")
> strComputer = objNetwork.ComputerName
>
> Set objComputer = GetObject("winmgmts:" _
> & "{impersonationLevel=Impersonate,authenticationLevel=Pkt}!\\" & _
> strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
> strComputer & "'")
>
> lngReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
> strPassword, strDomain & "\" & strUser, strOU, _
> JOIN_DOMAIN + ACCT_CREATE)
>
> Wscript.Echo "ReturnValue = " & CStr(lngReturnValue)
> =====
> Code I've seen for renaming a computer is similar. See this link:
>
> http://www.microsoft.com/technet/scr.../cptrvb14.mspx
>
> I don't know how this would work in a Startup script that runs with only
> the credentials of the computer object. You may be able to use the
> SWbemLocator object, which allows you to specify alternate credentials.
> See this link:
>
> http://www.microsoft.com/technet/scr..._wmi_ciga.mspx
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab - http://www.rlmueller.net
> --
>
>

There is one way to mask a password read in using INPUTBOX: drag the
inputbox window down far enough that the input field is no longer shown on
the screen as you type in there.

Yes, this relies on the user actually doing that, but, in a pinch, it might
suffice. It would probably be a good idea to set the title to include: "DRAG
THIS WINDOW TO OBSCURE THE INPUT", and to prefix the prompt with: "CAUTION:
the password you type below will be displayed on the screen in plain text.
Before typing it, please drag this window down so that the input field is
off the screen".


/Al

"doggah" <someone@xxxxxx> wrote in message
news:uAeEF9axIHA.6096@xxxxxx

>I know that the script is running in the background. I just need to see a
>window where I can provide input. I have seen the same script before and I
>am reinventing the wheel.
>
> I was successful with it if I use wscript instead of cscript but with
> wscript I cannot mask the password.
>
>
> "Richard Mueller [MVP]" <rlmueller-nospam@xxxxxx> wrote in
> message news:OYKVuxaxIHA.4876@xxxxxx

>>
>> "doggah" <someone@xxxxxx> wrote in message
>> news:%23ncSb$ZxIHA.4912@xxxxxx

>>> Thanks for your reply.
>>>
>>> I am sorry if I was not clear. The script ran and I was able to see the
>>> redirected output, however I cannot see a command prompt window where I
>>> have to provide input. It was stuck at that point and I had to restart
>>> the machine in Safe Mode to remove the script from startup.
>>>
>>> The machine is not on the domain. I am trying to avoid authenticating
>>> twice locally everytime the script is used (I am going to use it on
>>> several hundreds of machines). I though that startup scripts use the
>>> LocalSystem account to run.
>>>
>>> Thanks again.

>>
>> Yes, Startup scripts run with credentials of the local System on the
>> local computer, and the credentials of the computer object elsewhere in
>> the domain. But there is no user, so you cannot prompt for information.
>>
>> I run a VBScript program to join a domain, but I run it as administrator
>> on the machine after I logon. The script has the credentials hard coded.
>> When I reboot I can logon to the domain. I don't know if this would work
>> in a Startup script. The script I use follows:
>> ==============
>> ' JoinDomain.vbs
>> ' VBScript program to join a computer to a domain.
>> ' The computer account is created in Active Directory.
>> ' The computer must have XP or above.
>> ' The AD must be W2k3 or above.
>> ' See c:\Windows\debug\NetSetup.log for details.
>>
>> Option Explicit
>>
>> Dim strDomain, strUser, strPassword
>> Dim objNetwork, strComputer, objComputer, lngReturnValue
>> Dim strOU
>>
>> Const JOIN_DOMAIN = 1
>> Const ACCT_CREATE = 2
>> Const ACCT_DELETE = 4
>> Const WIN9X_UPGRADE = 16
>> Const DOMAIN_JOIN_IF_JOINED = 32
>> Const JOIN_UNSECURE = 64
>> Const MACHINE_PASSWORD_PASSED = 128
>> Const DEFERRED_SPN_SET = 256
>> Const INSTALL_INVOCATION = 262144
>>
>> strDomain = "MyDomain"
>> strPassword = "xYz$312#q"
>> strUser = "administrator"
>> strOU = "ou=Computers,ou=Sales,dc=MyDomain,dc=com"
>>
>> Set objNetwork = CreateObject("WScript.Network")
>> strComputer = objNetwork.ComputerName
>>
>> Set objComputer = GetObject("winmgmts:" _
>> & "{impersonationLevel=Impersonate,authenticationLevel=Pkt}!\\" & _
>> strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
>> strComputer & "'")
>>
>> lngReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
>> strPassword, strDomain & "\" & strUser, strOU, _
>> JOIN_DOMAIN + ACCT_CREATE)
>>
>> Wscript.Echo "ReturnValue = " & CStr(lngReturnValue)
>> =====
>> Code I've seen for renaming a computer is similar. See this link:
>>
>> http://www.microsoft.com/technet/scr.../cptrvb14.mspx
>>
>> I don't know how this would work in a Startup script that runs with only
>> the credentials of the computer object. You may be able to use the
>> SWbemLocator object, which allows you to specify alternate credentials.
>> See this link:
>>
>> http://www.microsoft.com/technet/scr..._wmi_ciga.mspx
>>
>> --
>> Richard Mueller
>> MVP Directory Services
>> Hilltop Lab - http://www.rlmueller.net
>> --
>>
>>

>