Skip to main content

How to get PowerShell to Greet You

This will go down as one of my more devious posts.

This week my PowerShell class seemed to be having from with my Out-Voice code that I published last year. One of them asked me if PowerShell could say good morning, afternoon, evening to you.  Well, Of course it can.  Since we were about to learn about IF statements, I turned this into an exercise. 

To get this to work, you need to accomplish 3 tasks. First, you need to create the script. Second, you need to set up a GPO to launch the script.  Third, set up a GPO to disable the 5 minutes delay in launching user logon scripts in Windows 8.1. 

Step 1: Set up the script.

You need to make my Out-Voice code available to PowerShell by downloading the code and placing it at the beginning of the logon script.  This will make it available to the local system. In the same script, copy the code below after the Out-Voice code.  Take a moment to look at the help file for Out-Voice.  You can set a female voice if you prefer.

1

2

3

4

$Hour = (Get-Date).Hour

If ($Hour -lt 12) {"Good Morning $($Env:UserName)" | Out-Voice}

ElseIf ($Hour -gt 16) {"Good Eventing $($Env:UserName)" | Out-Voice}

Else {"Good Afternoon $($Env:UserName)" | Out-Voice}

 

Line 1 gets the current hour of the day.

Line 2 will greet the user with “Good Morning” if it is before 12 noon

Line 3 will greet the user with “Good Evening” if it is 5 PM or later

Line 4 will greet with “Good Afternoon: if ether of the other two conditions fail.

Save this script to \\YourDomain.com\SYSVOL\YourDomain.com\Scripts\Greeting.ps1  The YourDomain.com is what ever your domain name is.

 

Step 2: Creating the GPO for the login script.

In this example, we are assuming that the user account(s) that you are scoping this GPO to is stored in an Organization Unit at the root of your domain called UserObjects. 

In the Group Policy Management Console right click UserObjects OU and click Create a GPO in the Domain, and Link it here…

Give the GPO a name and click OK.

Right click the GPO that you just created and click Edit.

Navigate to User Configuration\Policies\Windows Settings\Scripts (Logon/Logoff)

Double click Logon

Click the PowerShell Scripts tab.

Click Add.

Click Browse

Browse to the location in SYSVOL that you stored your script.  Select the script and click Open.

Click OK

In the drop down box for For this GPO, run scripts in the following order and select Run Windows PowerShell scripts first.

Click OK

Exit out of Group Policy Management Editor

 

Step 3: Created the GPO to allow login scripts to execute right away. (This step is only required for Windows 8.1 clients)

In this example, we are assuming that the computer account(s) that you are scoping this GPO to is stored in an Organization Unit at the root of your domain called Clients. 

In the Group Policy Management Console right click UserObjects OU and click Create a GPO in the Domain, and Link it here…

Give the GPO a name and click OK.

Right click the GPO that you just created and click Edit.

Navigate to Computer Configuration\Policies\Administrative Templates\System\Group Policy.

Open the settings for Configure Logon Script Delay

Select Enabled

Set the number of minutes to 0.

Click OK.

Exit out of Group Policy Management Editor

 

Now wait.  Normal Active Directory replication must occur, the clients must refresh their GPOs, and the users must login.  If your clients or users do not receive the GPOs, perform your standard troubleshooting methodology for Group Policy.

Comments

Popular posts from this blog

How to run GPResult on a remote client with PowerShell

In the past, to run the GPResult command, you would need to either physically visit this client, have the user do it, or use and RDP connection.  In all cases, this will disrupt the user.  First, you need PowerShell remoting enabled on the target machine.  You can do this via Group Policy . Open PowerShell and type this command. Invoke-Command –ScriptBlock {GPResult /r} –ComputerName <ComputerName> Replace <ComputerName> with the name of the target.  Remember, the target needs to be online and accessible to you.

How to force a DNS zone to replicate

For many implementations of DNS in a Windows environment, DNS is configured as being Active Directory integrated.  In other words, the DNS zone information is actually stored as a partition in the active directory database.  When Active Directory replicates, the zone data transfers.  For standard DNS deployments, the data is stored in a file.  You have to configure zone transfers manually in the DNS console.   The question in class was how to initiate replication manually.  Once you have properly configured a Primary and secondary DNS server and configured the Primary server to allow zone transfers, you can manually initiate a zone transfer.   Below you can see our test environment.  The image is of to RDP sessions to two different servers.  The DNS console on the left is the primary.  You can see and entry for Test2 that is not in the secondary database.  The servers are named NYC-DC2 (Primary DNS) and NYC-DC1 (Secondary DNS).  The DNS zone is named test.contoso.com . On the se

Disable SMB signing

It never fails.  Once ever couple of months I have a delegate in my class that has to keep a Windows NT4 box running.  There is nothing wrong with that.  Many applications build on Windows NT4 are solid.  Why upgrade and incur cost when no upgrade is really required?  That is generally the reason why Windows NT4 is being used.  Another reason is the vender went out of business, but the application that is required is really good and paid for. Two things to take note of.  If these Windows NT4 clients are going to be authenticating on a Windows Sever 2008 DC, then you may have a problem.  For WinNT 4.0 SP2 and earlier, SMB signing was not supported.  For WinNT4.0 SP3 and earlier, secure channel was not supported. SMB signing helps to prevent Man-in-the-middle attacks.  To open GPMC, click Start , click Run , type gpmc.msc , and then click OK . In the console tree, right-click Default Domain Controllers Policy in Domains\ Current Domain Name \Group Policy objects\Default Domain Co