croustimiel
asked on
Deploy HOSTS file using GPO
Hello,
I want to deploy the HOSTS file using GPO by launching a VBSCRIPT at start logon. But I can't replace the existing file by the new because I must keep the existing Hosts file, then no COPY.
Whereas each time the user log on the computer, the GPO is launched and the data in the HOSTS file are appended each time with the same data.
How can I deploy a Hosts file in order to update the Host file of all computer in the company. Have ou a solution or other idea ??
I want to deploy the HOSTS file using GPO by launching a VBSCRIPT at start logon. But I can't replace the existing file by the new because I must keep the existing Hosts file, then no COPY.
Whereas each time the user log on the computer, the GPO is launched and the data in the HOSTS file are appended each time with the same data.
How can I deploy a Hosts file in order to update the Host file of all computer in the company. Have ou a solution or other idea ??
ASKER
All must have the same added information on the host file. Whereas some people had modified the hosts and i can't verify on each computer and i can't erase their hosts data. That's the reason why i can't copy/paste but append the file.
Then what could you propose ???
Then what could you propose ???
Ok that's not a problem, we can solve that easily. But to be able to write a script for you I need to know to which computers do you want to make this modification. Do you have a list of those computers or do you want to do this to all PCs in domain or within some IP range?
Understand - I'm not going to create a logon script, but the script that you will run once and it will modify HOSTS file on all computers - but I need to know what does it mean "all computers".
Understand - I'm not going to create a logon script, but the script that you will run once and it will modify HOSTS file on all computers - but I need to know what does it mean "all computers".
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That's it, the script must be executed one time, in all computer of the domain, all OU, there is no range IP or name list.
Then how can we do this in a GPO, for example at start logn or something else ???
Then how can we do this in a GPO, for example at start logn or something else ???
Ok I will try to write script like this. We can't use it as logon script so you will have to run it from one computer using your admin credentials and it will go to all computers in the domain (no exceptions? even DCs should have the new entries?). Give me some time, I'll do my best to give you the script today.
As I think about the situation and the script, I think RobSampson's script will do the job best. I was thinking about several different approaches, but all of them seems to have some drawbacks. The only universal solution I finally came up is completelly the same as Rob wrote, so I guess you should give his script a try.
Usually, in a situation where you would want to run something only once, I would get a list of all of the computers in the domain (which can be obtained via a script), and then run that list against a script that will edit a specific file. The major problem with that approach, is that not all computers will be on, and you need to make the script output those computers that it could not contact, so you can try them again later. It can be a very long, and somewhat manual process.
Using a login script makes the process much more automated. You say it needs to run only once, however, as I've written the script, it will either
1) update a HOSTS record where the IP Address or DNS Names match
2) add the specific record to the HOSTS file if it does not exist
3) do nothing if the required record does exist
So, by using my login script, whether it runs once or multiple times, it will have the same effect, so you can leave it on for a couple of weeks, to make sure you hit all computers, and you should be fine.
You can assign a login script via a GPO by following these steps:
1) Place the script (say MyFile.vbs) into the NetLogon share of a domain controller
2) Launch Active Directory Group Policy Management
3) Edit or create a GPO, and double-click on User Configuration --> Windows Settings --> Scripts (Logon/Logoff) --> Logon.
4) Click Add, and type in MyFile.vbs (or whatever your script name is)
5) Click OK, and close the editor.
6) Assign the GPO to a particular OU or domain
Regards,
Rob.
Using a login script makes the process much more automated. You say it needs to run only once, however, as I've written the script, it will either
1) update a HOSTS record where the IP Address or DNS Names match
2) add the specific record to the HOSTS file if it does not exist
3) do nothing if the required record does exist
So, by using my login script, whether it runs once or multiple times, it will have the same effect, so you can leave it on for a couple of weeks, to make sure you hit all computers, and you should be fine.
You can assign a login script via a GPO by following these steps:
1) Place the script (say MyFile.vbs) into the NetLogon share of a domain controller
2) Launch Active Directory Group Policy Management
3) Edit or create a GPO, and double-click on User Configuration --> Windows Settings --> Scripts (Logon/Logoff) --> Logon.
4) Click Add, and type in MyFile.vbs (or whatever your script name is)
5) Click OK, and close the editor.
6) Assign the GPO to a particular OU or domain
Regards,
Rob.
I was wondering if it is possible to add this to an existing logon script. We currently use a .cmd to map network drives. Would I be able to copy and paste this code into that file or does it require some modification?
are the hosts files on all clients supposed to be the same or are there some differences?
Based on WHAT do you want to distribute the new HOST file?(being in some OU, being on some subnet, member of a group or something different?)