Title: Win2000 computer startup shutdown script
Keyword: Win2000 computer startup shutdown script
Information Source: Qingshui piuping
I. Introduction
The Win2000 computer startup/shutdown script (startup/shutdown scripts) is a new feature of Win2000. the STARTUP script is a batch file that is run before you log on to the system. It functions similar to the autoexec Automatic Execution of batch files in Win9x and DOS. BAT; the shutdown script is a batch of files running before the computer is shut down.
Compared with Win2000 logon/logoff scripts, the main difference between them is that the computer startup/shutdown script runs when the computer starts and shuts down, the script program runs only once. A dialog box inviting users to log on is usually displayed after the startup script is run. After the user logon/logout script appears in the dialog box inviting users to log on, when a user logs on to the system or logs off from the system, the Operation count is determined by the number of user logon/logout times. Each time the user logs on/out of the system, the script program runs once.
Ii. Assignment
Before enabling the computer startup/shutdown script, you must assign a. Assign the computer startup/shutdown script to use the Group Policy MMC (Management Console) Management Unit. The specific operations are as follows:
1. Click "start" menu-> "run", and enter "MMC" in the displayed dialog box to open the Microsoft Management Console (MMC ).
2. click "console" menu-> "Add/delete management unit... ", click" add "in the" Add/delete Management Unit "dialog box to add an independent management unit.
3. In the "add independent management unit" dialog box, select "Group Policy" in the "available independent management units" list, and click the "add" button.
4. when the system asks which group of policy objects to use, if you want to assign a script that is only executed on the local computer for the local computer, select the default "Local Computer" Group Policy object. If you want to assign a startup/shutdown script for Win2000 domains to all computers in the domain, click "Browse..." in the "select group policy object" dialog box... "button, select the Group Policy object that can be applied to the entire domain in the" Browse Group Policy "dialog box. Here, the" Default Domain Policy "object is used as an example, and the region is the Domain Policy object of the win2000domain (figure 1) (t1.gif ).
Token ).
6. in the left-side navigation pane of the Management Console, expand the Group Policy Object> Computer Configuration> Windows Settings> script (start/Close) node, double-click the "Start" or "Shut Down" item in the details pane on the right to set the script used when the computer is started or shut down (Figure 3) (t3.gif) (because the Win2000 computer startup and shutdown scripts are set in the same way, the following operations take the startup script as an Example ).
7. Double-click the "Start" project in the details pane on the right. In the displayed "Start properties" dialog box, click "add" to add a new computer STARTUP script.
8. A script entry includes the Script Name and script (figure 4) (t4.gif ). if the script name does not contain the file path, the script file name is only "scripta. vbs ", the system will go to the default computer STARTUP script path to find this script file. the script parameter is optional. It can be left blank. It depends on the actual situation. The Boot script in the figure uses the running parameter "start ".
9. the default path for local computer scripts is "% SystemRoot %/system32/grouppolicy/machine/scripts", for example, "C:/winnt/system32/grouppolicy/machine/scripts ". the default path of the Computer script applied to the domain is usually "// sysvol // policies // machine/scripts", for example, "// mydc1/sysvol/scripts ". the STARTUP script file is stored in the "Startup" sub-folder, and the shutdown script file is stored in the "shutdown" sub-folder.
10. You can click "add" in the "launch properties" dialog box as needed to repeat multiple boot scripts (Figure 5-digit (t5.gif) for the computer ).
11. After setting, save and exit the Group Policy MMC snap-in. After the Group Policy is refreshed, these scripts will take effect when the computer starts and shuts down.
Iii. In-depth
1. the Setting data of the Computer startup/shutdown script is saved in a script named scripts by Win2000. INI hidden configuration file, which is located in the "C:/winnt/system32/grouppolicy/machine/scripts" directory, you can use any file editing software such as NotePad to edit.
Scripts. the INI file usually contains two data segments: [startup] and [shutdown]. The [startup] data segment contains the startup script configuration, and the [shutdown] data segment contains the shutdown script configuration. each script entry is divided into two parts: the Script Name and the script parameter. The script name is saved under the xcmdline keyword and the parameter is saved under the xparameters keyword. Here, X indicates the script sequence number starting from 0, to differentiate multiple script entries and mark the running sequence of each script entry. the following is a simple scripts. example of the INI file:
[Startup]
0 rows line = D:/start/SS. bat
0 parameters =
1 required line = scriptsa. vbs
1 parameters = start
[Shutdown]
0 bytes line = shut. vbs
0 parameters =
We can see from the example that a total of two computer startup scripts are set: Ss. BAT and scripta. vbs. SS. bat is located in the D:/start directory, and no parameter is used; scriptsa. vbs is located in the default startup script directory c:/winnt/system32/grouppolicy/machine/scripts/startup. The "start" parameter is used ". the execution sequence of the two scripts is to execute SS first. execute scriptsa after bat. vbs. set a shutdown script shut. vbs, no parameters used. The script is located in the default shutdown script directory c:/winnt/system32/grouppolicy/machine/scripts/shutdown.
2. You can fine-tune the running status of the startup/shutdown script, including whether to run synchronously, whether to display the running status, and the maximum waiting time. The specific operations are as follows:
(1)-(5) Steps 1-5 in the second part of the assignment operation;
(6) In the console tree pane on the left of the console, expand the Group Policy object in sequence-> "Computer Configuration"-> "management template"-> "login" node, the details pane on the right shows four items that are related to the startup/shutdown scripts (figure 6) (t6.gif): the startup script is not run synchronously. The running status of the startup script is displayed, and the running status of the shutdown script is displayed, the maximum waiting time of the Group Policy script.
(7) run the startup script in non-synchronous mode.
By default (that is, if no configuration is available, the system will not run the next startup script until each STARTUP script is completed. if this policy is enabled, the system does not coordinate the running sequence of the startup script. the startup script can run simultaneously. if this policy is disabled or not configured, each STARTUP script can be run only after the previous script has been run. it is not recommended to configure.
The registry value corresponding to this policy is "HKEY_LOCAL_MACHINE/software/Microsoft/Windows/CurrentVersion/policies/system/runstartupscriptsync". This is a REG_DWORD value, where 0 indicates enabled and 1 indicates disabled.
(8) display the running status of the startup/shutdown script
By default, commands in the startup script are not displayed. if this policy is enabled, the system displays each command when the startup script is running. The command appears in the Command window or the human-computer interaction interface. This function is designed for advanced users. If this policy is disabled or not configured, the command is not displayed. We recommend that you do not configure this policy.
For example, assume that you have a command in the startup script "C:/winnt/assumer.exe C:/winnt". If this policy is enabled, the running status of the startup script can be displayed, when the computer starts, a resource manager window will pop up and the desktop will be opened. The system will log on to the computer as a system user. This is no different from the famous Input Method Vulnerability! It can be seen that the running status of the startup/shutdown script is sometimes very dangerous.
The registry values of these two group policy entries are "HKEY_LOCAL_MACHINE/software/Microsoft/Windows/CurrentVersion/policies/system/hidestartupscripts" and "HKEY_LOCAL_MACHINE/software/Microsoft/Windows/CurrentVersion/ policies/system/hideshutdownscripts ", all are REG_DWORD values. 0 indicates enabled, and 1 indicates disabled.
(9) maximum waiting time for group policy scripts
This policy limits all the time required by the Group Policy to complete logon, start, and close scripts. if the specified time has exceeded but the script has not been run, the system stops Script Processing and records an error event. by default, the system allows the merged script set to run for 600 seconds (10 minutes ).
However, we do not recommend that you do this. If your script is poorly written, the consequences will be unimaginable!
If other system tasks can be performed only after the script is completed, this interval is critical. by default, you must complete each STARTUP script before running the next one, you can also use the "non-synchronous run STARTUP script" policy to enable the system to wait until the startup script is completed before the user login invitation dialog box appears. if the interval is too long, the system will be delayed and the user will not be convenient. If the interval is too short, the system may be too early to complete the required tasks, resulting in problems.
The registry value corresponding to this Group Policy entry is "HKEY_LOCAL_MACHINE/software/Microsoft/Windows/CurrentVersion/policies/system/maxgposcriptwait", which is also a REG_DWORD value and indicates the waiting time, the Unit is seconds.
Iv. Application
The computer startup/shutdown script is widely used. The following are three typical examples:
1. Computer startup and shutdown time review
(1) write a script logtime. vbs that can record the time. The content is as follows:
'================================================ ==========
Dim argobj, STR, strtmp
Set argobj = wscript. Arguments
If argobj. Count <1 then
Strtmp = "No parameter operation! "
Else
Select case argobj. Item (0)
Case "Startup"
Strtmp = "server startup ."
Case "shutdown"
Strtmp = "server disabled ."
Case else
Strtmp = "unknown operation! Parameter: "+ argobj. Item (0)
End select
End if
Set FSO = Createobject ("scripting. FileSystemObject ")
Set TMP = FSO. opentextfile ("D:/log/logtime.txt", 8, true)
STR = "[" + CSTR (now () + "]" + strtmp + CHR (13) + CHR (10)
TMP. Write Str
TMP. Close
Set TMP = nothing
Set FSO = nothing
'================================================ ============
This script has two parameters: startup and shutdown. when used as the startup script, use the "Startup" parameter; when used as the shutdown script, use the "shutdown" parameter. in addition, the FileSystemObject object is used in the script. before using this script, make sure that this object already exists on your computer.
(2) set the script according to the previous method. each time the computer starts or shuts down, the script runs and records the time when the computer starts or shuts down (in fact, the time when the script runs, but the two should be almost the same) into a text file, the example is "D:/log/logtime.txt", which can be changed as needed.
2. delete some special shares
In Win2000, due to the needs of computer management and user logon, the system creates many special shares, such as C $, d $, ADMIN $, IPC $, and netlogon, however, these shares are not required by all computers. using the "Computer Management" MMC or net share command to disable these shares is only a way to cure the problem. They will reappear after the computer restarts. based on security and other considerations, we sometimes want to completely delete these shares. there are many ways to delete such special shares, such as editing the Registry. Next we will provide a method to delete these special shares using the startup script.
(1) Compile a batch file delshare. bat that can delete special shares. The content is as follows:
NET Share C $/delete
NET Share d $/delete
NET Share IPC $/delete
NET Share netlogon/delete
(2) set the script as the startup script and restart the computer. OK. Everything is clean.
3. Restore the administrator password or create an Administrator Account
Losing the administrator password is a headache, but it may happen at any time. in an emergency, there are already many mature technologies such as the classic logon screen protection procedure and O & O software. in fact, using the startup script is also a good choice.
(1) If the faulty computer uses the fat/FAT32 file system, you can directly use the Win98 boot disk for boot. if the NTFS file system is used, remove the hard disk from the faulty computer and mount it to another Win2000 computer in disk mode. the following is a case later. Assume that the system partition of the faulty computer (usually C becomes the partition E on the new computer :.
(2) Compile a batch file Admin. bat that can restore the administrator password. The content only needs a "Net user" command:
Net user administrator 12345678
Assume that the current Administrator is administrator and the password is "12345678 ". set the file admin. bat is saved to "E:/winnt/system32/grouppolicy/machine/scripts/startup", that is, the original "C: /winnt/system32/grouppolicy/machine/scripts/startup.
(3) Compile a startup/shutdown script configuration file scripts. ini. The file name is fixed and cannot be changed. The content is as follows:
[Startup]
0 Required line = Admin. bat
0 parameters =
Copy the file scripts. INI is saved to "E:/winnt/system32/grouppolicy/machine/scripts", that is, the original "C: under/winnt/system32/grouppolicy/machine/scripts.
(4) recover the hard disk to the master disk, connect it to the original computer, and restart it. Wait until the startup script is run. After the startup script is run, the Administrator's password is restored to "12345678 ".
(5) If you want to create a new Administrator account, you can modify the content of the admin. BAT file:
Net user admin 12345678/Add
Net localgroup Administrators Admin/Add
An administrator account named "admin" with a password of "12345678" is created.
This method not only restores the password of the local administrator on the independent server, but also restores the password of the domain administrator in the Win2000 domain.