How can we help?

How do I attach a logon script for WAgent in Windows server 2012?


How to attach a login script for WAgent in Windows Server 2012.

The Netsweeper WAgent has different deployment options. Please refer to the Wagent Documentation for configuration details. One option is to deploy WAgent with the parameters configured in the MSI file. The option described here is when WAgent configuration parameters are added to your users’ logon and logoff scripts in your LDAP application. This applies if you are using Directory Sync and the Webadmin Agent configuration setting “Assign Client Based on: Username Lookup”.


The batch file scripts will run when users log on and log off the domain. The WAgent executable must be named the same as what it is called in the logon and logoff scripts. 

The following step by step procedure describes how to attach these scripts in a Windows server 2012 domain controller.

  • On the Windows 2012 server, open the Group Policy Manager.
  • Right-click on your domain name and choose "Create a GPO in this domain and Link it here".  
  • Name the GPO, click and click "OK".
  • Right click on the newly created GPO and choose "Edit".
  • In the "Group Policy Management Editor" that opens, Navigate to the "User Configuration/Windows Settings/Scripts".


  • Double-click "Logon" to assign a login script and "Logoff" for the log off script
  • Click the "Show Files ..." button.


  • Copy your logon.bat file (see the Wagent documentation in the section "Create Batch File Script" for information on how to create this file) and the wagent executable into the directory window that opens and then close the directory window.
  • Click the "Add ..." button,  Click the "Add" button, then the "Browse" button.
  • Choose the logon.bat file and click "OK".
  • Follow the same process for the logoff script using the logoff directory in the Group Policy Management Editor
  • Once they are both done, close the windows.
  • In the Group Policy Management window, remove authenticated users from the security filtering, otherwise the script will apply to all users that sign on.
  • Add the group that the logon script is to apply to.
  • Close the window.


  1. Log in to a workstation.
  2. In the Webadmin, navigate to Policy Management > Client Manager (or in Netsweeper versions 7 and above: Policies > Clients) and verify that there is a record of the user that signed in with an IP. 

Note: you will see two records for the User; one with an IP and one without an IP.   The one without the IP is the template and will always be there.  The one with the IP will change as the user logs in and logs out.


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request