We’ve recently experienced issues related to running Powershell login scripts with Group Policy. These were caused by delays in login script execution, and so this post details a more optimal approach to run your Powershell login scripts asynchronously.
Group Policy Login Scripts Not Running
I wrote a Powershell script to configure VMWare Horizon client connections. It worked flawlessly when launched via the PowerShell Scripts tab.
But due to the nature of the vmware-view executable (called in the script), the script took several seconds to run. And this delay caused other login scripts from other group policy objects not to run, or to only run on an intermittent basis!
I tried a few workarounds in my Powershell script.
I tried launching the vmware-view executable with Start-Process and not wait for the exit code. But this didn’t work because the executable needed to run synchronously, multiple times throughout the script (it essentially configured connections in a file called prefs.txt) and hence this wouldn’t work.
I also tried launching my code as a script block in a background task using Start-Job. But this didn’t work either because Start-Job seemed to suppress any output (writing to a text file, for example the prefs.txt file) and this in turn stopped vmware-view from correctly configuring the Horizon view client connections!
Running Powershell Login Scripts with Group Policy
The most reliable method of running Powershell login scripts with group policy asynchronously, without causing issues with other login scripts, was to use a good old batch file.
In my netlogon folder I included my Powershell script ‘HorizonClientConnections.ps1’ and a cmd file called ‘HorizonClientConnections.cmd’.
I launched the HorizonClientConnections.cmd file using the ‘Scripts’ tab in Group Policy, and the content of the CMD file was simply:
cmd /c START %windir%\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -File "%~dp0HorizonClientConnections.ps1"Of course if you only needed to run a single cmdlet, you may also use something like this:
cmd /c START %windir%\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -Command "Set-SmbClientConfiguration -FileInfoCacheLifetime 0 -FileNotFoundCacheLifetime 0 -DirectoryCacheLifetime 0 -Force; Restart-Service -Name LanmanWorkstation -Force;"
