In-depth introduction to the Win2000 computer startup/shutdown script

Source: Internet
Author: User
Tags administrator password

In-depth introduction to the Win2000 computer startup/shutdown script


I. Introduction


The Win2000 machine startup/shutdown script (startup/shutdown scripts) is a new feature of Win2000. The STARTUP script is a batch file that invites users to log on to and run before. Its function is similar to the Automatic Execution of batch files autoexec. BAT in Win9x and DOS. The shutdown script is a batch file running before the computer is shut down.


Compared with Win2000 User Logon/logout scripts (logon/logoff scripts), the main differences between them are:

The computer startup/shutdown script runs when the computer is started and shut down. The script program runs only once. A dialog box inviting users to log on is usually displayed after the script is run;


The user login/logout script appears in the invite User Login Dialog Box, and runs when the user logs on to the system or logs off from the system. The running times are determined by the number of user logon/logout times, every time you log on to or log out of the system, the script program runs once.



Ii. Assignment


Before enabling the computer startup/shutdown script, you must assign a. Assign the computer startup/shutdown script to use the Group Policy MMC (Management Console) Management Unit. The specific operations are as follows:


1. Click "start" menu-> "run", and enter "MMC" in the displayed dialog box to open the Microsoft Management Console (MMC ).


2. click "console" menu-> "Add/delete management unit... ", click" add "in the" Add/delete Management Unit "dialog box to add an independent management unit.


3. In the "add independent management unit" dialog box, select "Group Policy" in the "available independent management units" list, and click the "add" button.


4. when the system asks which group of policy objects to use, if you want to assign a script that is only executed on the local computer for the local computer, select the default "Local Computer" Group Policy object. If you want to assign a startup/shutdown script for Win2000 domains to all computers in the domain, click "Browse..." in the "select group policy object" dialog box... "button. In the" Browse Group Policy "dialog box, select the Group Policy object that can be applied to the entire domain. Here, the" Default Domain Policy "object is used as an example, it is the default domain policy object of Win2000 domain.


5. Close the dialog box and return to the Management Console. Now the management console has a corresponding group policy object tree.


6. in the left-side navigation pane of the Management Console, expand the Group Policy Object> Computer Configuration> Windows Settings> script (start/Close) node, double-click the "Start" or "Shut Down" item in the details pane on the right to set the script used when the computer is started or shut down (because the Win2000 computer is started and shut down in the same way, the following operations take the startup script as an example ).


7. Double-click the "Start" project in the details pane on the right. In the displayed "Start properties" dialog box, click "add" to add a new computer STARTUP script.


8. A script entry includes the Script Name and parameters. If the script name does not contain the file path, and the script file name is only "scripta. vbs", the system searches for the script file in the default computer STARTUP script path. The script parameter is optional. It can be left blank, depending on the actual situation.


9. The default path for local computer scripts is usually


% SystemRoot %/system32/grouppolicy/machine/scripts

For example




The default path for computer scripts applied to the domain is usually


/// Sysvol // policies // machine/scripts

For example


// Mydc1/sysvol/


The STARTUP script file is stored in the "Startup" sub-folder, and the shutdown script file is stored in the "shutdown" sub-folder.


10. Click "add" in the "launch properties" dialog box as needed to add multiple startup scripts to the computer.


11. After the settings are complete, save and exit the Group Policy MMC snap-in. After the Group Policy is refreshed, these scripts will take effect when the computer starts and shuts down.


Iii. In-depth


1. The setting data of the script for computer startup/shutdown is saved in a hidden configuration file named scripts. ini by Win2000, which is located in




Directory, you can use any file editing software such as NotePad to edit.


The content of the scripts. ini file usually contains two data segments: [startup] and [shutdown]. The [startup] data segment is the startup script configuration, and the [shutdown] data segment is the shutdown script configuration. Each script entry is divided into two parts: the Script Name and the script parameter. The script name is saved under the xcmdline keyword and the parameter is saved under the xparameters keyword. Here, X indicates the script sequence number starting from 0, to differentiate multiple script entries and mark the running sequence of each script entry.


The following is an example of a simple scripts. ini file:


0 rows line = D:/start/SS. bat
0 parameters =
1 required line = scriptsa. vbs
1 parameters = start
0 bytes line = shut. vbs
0 parameters =

From the example, we can see that there are two computer startup scripts: Ss. BAT and scripta. vbs.

SS. bat is located in the D:/start directory and no parameters are used.

Scriptsa. vbs is located in the default startup script directory c:/winnt/system32/grouppolicy/machine/scripts/startup. The "start" parameter is used ".

The execution sequence of the two scripts is to execute SS first. execute scriptsa after bat. vbs. set a shutdown script shut. vbs, no parameters used. The script is located in the default shutdown script directory c:/winnt/system32/grouppolicy/machine/scripts/shutdown.


2. You can fine-tune the running status of the startup/shutdown script, including synchronous running, running status, and maximum waiting time. The procedure is as follows:

(1)-(5) Steps 1-5 in the second part of the assignment operation;

(6) In the console tree pane on the left of the console, expand the Group Policy object in sequence-> "Computer Configuration"-> "management template"-> "login" node, the details pane on the right shows four items related to the startup/shutdown script. Non-synchronous run of the startup script displays the running status of the startup script and the running status of the shutdown script, the maximum waiting time of the Group Policy script.


(7) run the startup script in non-synchronous mode.
By default (that is, if no configuration is available, the system will not run the next startup script until each STARTUP script is completed. if this policy is enabled, the system does not coordinate the running sequence of the startup script. the startup script can run simultaneously. if this policy is disabled or not configured, each STARTUP script can only run after the previous script has been run. It is not recommended to configure.

The registry value corresponding to this policy is




This is a REG_DWORD value. 0 indicates enabled, and 1 indicates disabled.


(8) display the running status of the startup/shutdown script

By default, commands in the startup script are not displayed. if this policy is enabled, the system displays each command when the startup script is running. The command appears in the Command window or the human-computer interaction interface. This function is designed for advanced users. If this policy is disabled or not configured, the command is not displayed. It is not recommended to configure.

For example, assume that you have a command in the startup script "C:/winnt/assumer.exe C:/winnt". If this policy is enabled, the running status of the startup script can be displayed, when the computer starts, a resource manager window will pop up and the desktop will be opened. The system will log on to the computer as a system user. This is no different from the famous Input Method Vulnerability! It can be seen that the running status of the startup/shutdown script is sometimes very dangerous.


The registry values corresponding to these two group policy entries are





All are REG_DWORD values. 0 indicates enabled, and 1 indicates disabled.


(9) maximum waiting time for group policy scripts


This policy limits the full time required by the Group Policy to complete logon, start, and close scripts. If the specified time has exceeded but the script has not been run, the system stops Script Processing and records an error event. By default, the system allows the merged script set to run for 600 seconds (10 minutes ).



To use this policy, type the number from 1 to 32000 In the second box to determine the time you want the system to wait for the script to complete, in seconds. To wait until the script is run, enter 0 no matter how long it takes. However, we do not recommend that you do this. If your script is poorly written, the consequences will be unimaginable!

If other system tasks can be performed only after the script is completed, this interval is critical. By default, you must complete each STARTUP script before running the next one, you can also use the "non-synchronous run STARTUP script" policy to enable the system to wait until the startup script is complete before a dialog box inviting users to log on. Too long intervals can delay the system and make users inconvenient. If the interval is too short, the system may be too early to complete the required tasks, resulting in problems.


The registry value corresponding to this Group Policy entry is



It is also a REG_DWORD value. Its value indicates the waiting time, in seconds.


Iv. Application


The computer startup/shutdown script is widely used. The following are three typical examples:



  1. Computer startup and shutdown time review


(1) write a script logtime. vbs that can record the time. The content is as follows:

'================================================ ==========
Dim argobj, STR, strtmp

Set argobj = wscript. Arguments
If argobj. Count <1 then
Strtmp = "No parameter operation! "
Select case argobj. Item (0)
Case "Startup"
Strtmp = "server startup ."
Case "shutdown"
Strtmp = "server disabled ."
Case else
Strtmp = "unknown operation! Parameter: "+ argobj. Item (0)
End select
End if

Set FSO = Createobject ("scripting. FileSystemObject ")
Set TMP = FSO. opentextfile ("D:/log/logtime.txt", 8, true)

STR = "[" + CSTR (now () + "]" + strtmp + CHR (13) + CHR (10)
TMP. Write Str
TMP. Close

Set TMP = nothing
Set FSO = nothing
'================================================ ============

This script has two parameters: startup and shutdown. When used as the startup script, use the "Startup" parameter; when used as the shutdown script, use the "shutdown" parameter. in addition, the script uses the FileSystemObject object. before using this script, make sure that this object already exists on your computer.


(2) set the script according to the previous method. each time the computer starts or shuts down, the script runs and records the time when the computer starts or shuts down (in fact, the time when the script runs, but the two should be almost the same) into a text file, the example is "D:/log/logtime.txt", which can be changed as needed.


2. delete some special shares

In Win2000, due to the needs of computer management and user logon, the system creates many special shares, such as C $, d $, ADMIN $, IPC $, and netlogon, however, these shares are not required by all computers. using the "Computer Management" MMC or net share command to disable these shares is only a way to cure the problem. They will reappear after the computer restarts. based on security and other considerations, we sometimes want to completely delete these shares. there are many ways to delete such special shares, such as editing the Registry. Next we will provide a method to delete these special shares using the startup script.


(1) Compile a batch file delshare. bat that can delete special shares. The content is as follows:

NET Share C $/delete
NET Share d $/delete
NET Share IPC $/delete
NET Share netlogon/delete

(2) set the script as the startup script and restart the computer. OK. Everything is clean.


3. Restore the administrator password or create an Administrator Account


Losing the administrator password is a headache, but it may happen at any time. in an emergency, there are already many mature technologies, such as the classic logon screen protection procedure and O & O software, to restore the administrator password and create a new Administrator account. In fact, using the startup script is also a good choice.


(1) If the faulty computer uses the fat/FAT32 file system, you can directly use the Win98 boot disk for boot. if the NTFS file system is used, remove the hard disk from the faulty computer and mount it to another Win2000 computer in disk mode. in the following case, assume that the system partition of the faulty computer (usually C becomes the partition E on the new computer :.


(2) Compile a batch file Admin. bat that can restore the administrator password. The content only needs a "Net user" command:

Net user administrator 12345678

Assume that the current Administrator is administrator and the password is "12345678 ". set the file admin. bat is saved to "E:/winnt/system32/grouppolicy/machine/scripts/startup", that is, the original "C: /winnt/system32/grouppolicy/machine/scripts/startup.


(3) Compile a startup/shutdown script configuration file scripts. ini. The file name is fixed and cannot be changed. The content is as follows:

0 Required line = Admin. bat
0 parameters =

Copy the file scripts. INI is saved to "E:/winnt/system32/grouppolicy/machine/scripts", that is, the original "C: /winnt/system32/grouppolicy/machine/scripts.


(4) recover the hard disk to the master disk, connect it to the original computer, and restart it. Wait until the startup script is run. After the startup script is run, the Administrator's password is restored to "12345678 ".


(5) If you want to create a new Administrator account, you can modify the content of the admin. BAT file:

Net user admin 12345678/Add
Net localgroup Administrators Admin/Add

In this way, an administrator account named "admin" with a password of "12345678" is created.

This method not only restores the password of the local administrator on the independent server, but also restores the password of the domain administrator in the Win2000 domain.





For more information about Windows Script Host in Windows 2000, visit the following Microsoft Web site:

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.