ich habe folgendes Problem und kann mir die Ursache nicht erklären.
1. Skripte wie dieses haben schon funktioniert ... funktionieren aber jetzt auch nicht mehr
2. An den GPOs habe ich nichts geändert
3. Auch der Vierenscanner ist unschuldig
4. Die Berechtigungen in Registry und der NTUser.dat sind Windows Standard
Der Code ...
Code: Alles auswählen
Registry_AcceptEULA /AllNTUserDats
[Registry_AcceptEULA]
openkey [HKEY_CURRENT_USER\SOFTWARE\Fortinet\FortiClient\FA_UI\VPN-6.4.0.1464]
set "installed"=reg_dword:0x5eb938a8
Code: Alles auswählen
registry loadUnicodeTextFile("%ScriptPath%\config\AcceptEULA.reg") /regedit /AllNTUserDats
Code: Alles auswählen
(6934) [5] [Jun 17 09:56:19:499] [lra_forticlient] Execution of: Registry_AcceptEULA /AllNTUserDats
(6935) [5] [Jun 17 09:56:19:499] [lra_forticlient]
(6936) [6] [Jun 17 09:56:19:500] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18] opened
(6937) [6] [Jun 17 09:56:19:500] [lra_forticlient] Key closed
(6938) [6] [Jun 17 09:56:19:500] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19] opened
(6939) [6] [Jun 17 09:56:19:500] [lra_forticlient] Key closed
(6940) [6] [Jun 17 09:56:19:500] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20] opened
(6941) [6] [Jun 17 09:56:19:500] [lra_forticlient] Key closed
(6942) [6] [Jun 17 09:56:19:500] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2974151604-755877624-1240835612-500] opened
(6943) [6] [Jun 17 09:56:19:500] [lra_forticlient] Key closed
(6944) [6] [Jun 17 09:56:19:500] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-484763869-1580436667-725345543-1558] opened
(6945) [6] [Jun 17 09:56:19:500] [lra_forticlient] Key closed
(6946) [6] [Jun 17 09:56:19:500] [lra_forticlient]
(6947) [6] [Jun 17 09:56:19:500] [lra_forticlient] Branch: Administrator
(6948) [4] [Jun 17 09:56:19:502] [lra_forticlient] Warning: NTUser.dat could not be loaded from path "C:\Users\Administrator\NTUser.dat". Code 1314: Dem Client fehlt ein erforderliches Recht.<
(6949) [6] [Jun 17 09:56:19:502] [lra_forticlient]
(6950) [6] [Jun 17 09:56:19:502] [lra_forticlient] Branch: admin
(6951) [4] [Jun 17 09:56:19:502] [lra_forticlient] Warning: NTUser.dat could not be loaded from path "C:\Users\admin\NTUser.dat". Code 1314: Dem Client fehlt ein erforderliches Recht.<
(6952) [6] [Jun 17 09:56:19:502] [lra_forticlient]
(6953) [6] [Jun 17 09:56:19:502] [lra_forticlient] Branch: Default
(6954) [4] [Jun 17 09:56:19:503] [lra_forticlient] Warning: NTUser.dat could not be loaded from path "C:\Users\Default\NTUser.dat". Code 1314: Dem Client fehlt ein erforderliches Recht.<
(6955) [6] [Jun 17 09:56:19:503] [lra_forticlient]
(6956) [6] [Jun 17 09:56:19:503] [lra_forticlient] Make it for user .DEFAULT
(6957) [5] [Jun 17 09:56:19:503] [lra_forticlient]
(6958) [6] [Jun 17 09:56:19:504] [lra_forticlient] Registry key [HKEY_USERS\.DEFAULT\SOFTWARE\Fortinet\FortiClient\FA_UI\VPN-6.4.0.1464] created
(6959) [6] [Jun 17 09:56:19:504] [lra_forticlient] Variable "installed" set to "0x5eb938a8"
(6960) [6] [Jun 17 09:56:19:504] [lra_forticlient] Key closed
Starte ich die Installation on_demand mit angemeldeten Benutzer, wird die Registry des angemeldeten Benutzer gepacht und ich erhalte das folgende Log:
Code: Alles auswählen
(373) [5] [Jun 18 08:29:52:916] [lra_forticlient] Execution of: Registry_AcceptEULA /AllNTUserDats
(374) [5] [Jun 18 08:29:52:916] [lra_forticlient]
(375) [6] [Jun 18 08:29:52:916] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18] opened
(376) [6] [Jun 18 08:29:52:917] [lra_forticlient] Key closed
(377) [6] [Jun 18 08:29:52:917] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19] opened
(378) [6] [Jun 18 08:29:52:917] [lra_forticlient] Key closed
(379) [6] [Jun 18 08:29:52:917] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20] opened
(380) [6] [Jun 18 08:29:52:917] [lra_forticlient] Key closed
(381) [6] [Jun 18 08:29:52:917] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2974151604-755877624-1240835612-500] opened
(382) [6] [Jun 18 08:29:52:917] [lra_forticlient] Key closed
(383) [6] [Jun 18 08:29:52:917] [lra_forticlient] Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-484763869-1580436667-725345543-1558] opened
(384) [6] [Jun 18 08:29:52:917] [lra_forticlient] Key closed
(385) [6] [Jun 18 08:29:52:917] [lra_forticlient]
(386) [6] [Jun 18 08:29:52:917] [lra_forticlient] Branch: Administrator
(387) [4] [Jun 18 08:29:52:918] [lra_forticlient] Warning: NTUser.dat could not be loaded from path "C:\Users\Administrator\NTUser.dat". Code 1314: Dem Client fehlt ein erforderliches Recht.<
(388) [6] [Jun 18 08:29:52:922] [lra_forticlient] Info: Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\[S-1-5-21-484763869-1580436667-725345543-1558]] could not be opened by RegOpenKeyEx, Errorno 2 "Das System kann die angegebene Datei nicht finden.<"
(389) [5] [Jun 18 08:29:52:923] [lra_forticlient]
(390) [6] [Jun 18 08:29:52:924] [lra_forticlient] Registry key [HKEY_USERS\S-1-5-21-484763869-1580436667-725345543-1558\SOFTWARE\Fortinet\FortiClient\FA_UI\VPN-6.4.0.1464] created
(391) [6] [Jun 18 08:29:52:924] [lra_forticlient] Variable "installed" set to "0x5eb938a8"
(392) [6] [Jun 18 08:29:52:924] [lra_forticlient] Key closed
(393) [6] [Jun 18 08:29:52:949] [lra_forticlient]
(394) [6] [Jun 18 08:29:52:949] [lra_forticlient] Branch: admin
(395) [4] [Jun 18 08:29:52:950] [lra_forticlient] Warning: NTUser.dat could not be loaded from path "C:\Users\admin\NTUser.dat". Code 1314: Dem Client fehlt ein erforderliches Recht.<
(396) [5] [Jun 18 08:29:52:953] [lra_forticlient]
(397) [6] [Jun 18 08:29:52:953] [lra_forticlient] Registry key [HKEY_USERS\S-1-5-21-484763869-1580436667-725345543-1558\SOFTWARE\Fortinet\FortiClient\FA_UI\VPN-6.4.0.1464] opened
(398) [6] [Jun 18 08:29:52:953] [lra_forticlient] Variable "installed" is keeping its value "1589196968"
(399) [6] [Jun 18 08:29:52:953] [lra_forticlient] Key closed
(400) [6] [Jun 18 08:29:52:953] [lra_forticlient]
(401) [6] [Jun 18 08:29:52:953] [lra_forticlient] Branch: Default
(402) [4] [Jun 18 08:29:52:954] [lra_forticlient] Warning: NTUser.dat could not be loaded from path "C:\Users\Default\NTUser.dat". Code 1314: Dem Client fehlt ein erforderliches Recht.<
(403) [6] [Jun 18 08:29:52:956] [lra_forticlient] Info: Registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\[S-1-5-21-484763869-1580436667-725345543-1558]] could not be opened by RegOpenKeyEx, Errorno 2 "Das System kann die angegebene Datei nicht finden.<"
(404) [5] [Jun 18 08:29:52:958] [lra_forticlient]
(405) [6] [Jun 18 08:29:52:958] [lra_forticlient] Registry key [HKEY_USERS\S-1-5-21-484763869-1580436667-725345543-1558\SOFTWARE\Fortinet\FortiClient\FA_UI\VPN-6.4.0.1464] opened
(406) [6] [Jun 18 08:29:52:958] [lra_forticlient] Variable "installed" is keeping its value "1589196968"
(407) [6] [Jun 18 08:29:52:958] [lra_forticlient] Key closed
(408) [6] [Jun 18 08:29:52:958] [lra_forticlient]
(409) [6] [Jun 18 08:29:52:958] [lra_forticlient] Make it for user .DEFAULT
(410) [5] [Jun 18 08:29:52:958] [lra_forticlient]
(411) [6] [Jun 18 08:29:52:959] [lra_forticlient] Registry key [HKEY_USERS\.DEFAULT\SOFTWARE\Fortinet\FortiClient\FA_UI\VPN-6.4.0.1464] opened
(412) [6] [Jun 18 08:29:52:959] [lra_forticlient] Variable "installed" is keeping its value "1589196968"
(413) [6] [Jun 18 08:29:52:959] [lra_forticlient] Key closed
opsi-client-agent : 4.1.0.0-40
opsi-winst : 4.12.3.12-1
Windows 10 1903
Ich hoffe ihr könnt mir helfen.
Viele Grüße