Skip to main content

How to get PowerShell to Greet You

By

This will go down as one of my more devious posts.

This week my PowerShell class seemed to be having from with my Out-Voice code that I published last year. One of them asked me if PowerShell could say good morning, afternoon, evening to you.  Well, Of course it can.  Since we were about to learn about IF statements, I turned this into an exercise. 

To get this to work, you need to accomplish 3 tasks. First, you need to create the script. Second, you need to set up a GPO to launch the script.  Third, set up a GPO to disable the 5 minutes delay in launching user logon scripts in Windows 8.1. 

Step 1: Set up the script.

You need to make my Out-Voice code available to PowerShell by downloading the code and placing it at the beginning of the logon script.  This will make it available to the local system. In the same script, copy the code below after the Out-Voice code.  Take a moment to look at the help file for Out-Voice.  You can set a female voice if you prefer.

1

2

3

4

$Hour = (Get-Date).Hour

If ($Hour -lt 12) {"Good Morning $($Env:UserName)" | Out-Voice}

ElseIf ($Hour -gt 16) {"Good Eventing $($Env:UserName)" | Out-Voice}

Else {"Good Afternoon $($Env:UserName)" | Out-Voice}

 

Line 1 gets the current hour of the day.

Line 2 will greet the user with “Good Morning” if it is before 12 noon

Line 3 will greet the user with “Good Evening” if it is 5 PM or later

Line 4 will greet with “Good Afternoon: if ether of the other two conditions fail.

Save this script to \\YourDomain.com\SYSVOL\YourDomain.com\Scripts\Greeting.ps1  The YourDomain.com is what ever your domain name is.

 

Step 2: Creating the GPO for the login script.

In this example, we are assuming that the user account(s) that you are scoping this GPO to is stored in an Organization Unit at the root of your domain called UserObjects. 

In the Group Policy Management Console right click UserObjects OU and click Create a GPO in the Domain, and Link it here…

Give the GPO a name and click OK.

Right click the GPO that you just created and click Edit.

Navigate to User Configuration\Policies\Windows Settings\Scripts (Logon/Logoff)

Double click Logon

Click the PowerShell Scripts tab.

Click Add.

Click Browse

Browse to the location in SYSVOL that you stored your script.  Select the script and click Open.

Click OK

In the drop down box for For this GPO, run scripts in the following order and select Run Windows PowerShell scripts first.

Click OK

Exit out of Group Policy Management Editor

 

Step 3: Created the GPO to allow login scripts to execute right away. (This step is only required for Windows 8.1 clients)

In this example, we are assuming that the computer account(s) that you are scoping this GPO to is stored in an Organization Unit at the root of your domain called Clients. 

In the Group Policy Management Console right click UserObjects OU and click Create a GPO in the Domain, and Link it here…

Give the GPO a name and click OK.

Right click the GPO that you just created and click Edit.

Navigate to Computer Configuration\Policies\Administrative Templates\System\Group Policy.

Open the settings for Configure Logon Script Delay

Select Enabled

Set the number of minutes to 0.

Click OK.

Exit out of Group Policy Management Editor

 

Now wait.  Normal Active Directory replication must occur, the clients must refresh their GPOs, and the users must login.  If your clients or users do not receive the GPOs, perform your standard troubleshooting methodology for Group Policy.

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

How to list all the AD LDS instances on a server

By
AD LDS allows you to provide directory services to applications that are free of the confines of Active Directory.  To list all the AD LDS instances on a server, follow this procedure: Log into the server in question Open a command prompt. Type dsdbutil and press Enter Type List Instances and press Enter . You will receive a list of the instance name, both the LDAP and SSL port numbers, the location of the database, and its status.
Post a Comment
Read more

How to run GPResult on a remote client with PowerShell

By
In the past, to run the GPResult command, you would need to either physically visit this client, have the user do it, or use and RDP connection.  In all cases, this will disrupt the user.  First, you need PowerShell remoting enabled on the target machine.  You can do this via Group Policy . Open PowerShell and type this command. Invoke-Command –ScriptBlock {GPResult /r} –ComputerName <ComputerName> Replace <ComputerName> with the name of the target.  Remember, the target needs to be online and accessible to you.
Post a Comment
Read more

Where did a User’s Account Get Locked Out?

By
Updated: May 15, 2015 When this article was originally published, two extra carriage returns were add causing the code to malfunction.  The code below is correct.   My client for this week’s PowerShell class had a really interesting question. They needed to know where an account is being locked out at. OK, interesting. Apparently users hop around clients and forget to log off, leading to eventual lock out of their accounts. The accounts can be unlocked, but are then relocked after Active Directory replication. This problem is solved in two parts. The first one is to modify the event auditing on the network. The second part is resolved with PowerShell. The first part involves creating a group policy that will encompass your Domain Controllers. In this GPO, make these changes. Expand Computer Configuration \ Policies \ Windows Settings \ Security Settings \ Advanced Audit Policy Configuration \ Audit Policies \ Account Management Double click User Account Management C...
18 comments
Read more