For years people have recommended using AppSense Environment Manager and creating a set of actions that run on the process started trigger when explorer.exe runs. Others recommend assessing the logon process and find something that runs in the user context immediately after logon. These are both acceptable recommendations but in my experience are not ideal. Builds vary and you cannot always rely on a specific application running on all platforms to trigger these actions from.
This post will show you what I do instead and to date... this hasn't failed:
The first thing I do is create an empty executable which waits for 1 second and closes. My colleague, Jorrit van Eijk created a powershell action which creates this executable at computer startup.
You can find the XML snippet for that script here...
Simply import the action into the computer startup trigger of your Environment Manager configuration and provided powershell is installed on the endpoint, RefreshNow.exe will be created on the next reboot.
The next thing I do is create a set registry action to add a registry value to the RunOnce registry key which will run RefreshNow.exe at logon.
You can find the XML snippet for that action here...
Lastly I create a process started trigger for RefreshNow.exe launching and I publish anything that is not required during logon in this node.
A few examples of things I include here are:
- Desktop Icons
- Migration Actions
- Internet Explorer ADM/ADMX settings
- UserSID scripts
- Creation of IE Favorites
- Network Drive Mapping
- Network Printer Mapping
You can find the XML snippet for that action with a few sample actions here...MD5: 5ccd31c07be2933f63319557098a6539
There are a few actions you should not try and use in the "Post Logon Trigger". A few examples are:
- Folder Redirection
- Lockdown Actions
- ADM / ADMX Actions that affect regional settings, themes, etc.
Any questions or comments find me on twitter...