Solved

Prevent Logon Scripts on Server

Posted on 2004-08-25
2
256 Views
Last Modified: 2010-04-14
I have applied logon scripts to be run across the domain through the "Default Domain Policy."  I want to prevent the logon scripts from running on the Domain Controllers.  I have unchecked "No Overide" on the Default Domain Policy, and blocked policy inheritance under the "Domain Controllers" OU, but the script still runs.
0
Comment
Question by:deriickmu
  • 2
2 Comments
 
LVL 9

Accepted Solution

by:
jdeclue earned 125 total points
ID: 11893228
Remove the logon scripts from the Default Domain Policy. Do not make changes to the Policy or place any new ones in the ROOT. This can and most likely will cause serious issues in you AD environment. Create a New Policy on a Container such as "Corporation Users" Or "Corporation Computers", right click on the OU and create a GPO there.

Background. THere are two default GPO's Default Domain Policy at the root, and Default Domain Controller Policy on the Domain Controllers OU. Anything put in the ROOT will apply to all OU's including the Domain Controllers etc. You should not move the Domain Controllers from the default container, they need to be treated differently than all other computers and do not apply any GPO changes to the ROOT of the domain.

J
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11893681
P.S. One more thing, make sure you set the Domain Controller OU back to the way it was regarding Overrides and policy inheritance, after you remove the changes you made to the Default Domain Policy. THe domain controllers need the Default Domain Policy the way it was, they get that policy and the additional settings from the Default Domain Controllers Policy.

Very bad test... do not do this, unless it is a test lab. Bring up a domain, create a new OU and move the Domain Controllers to it. Usually within about 1 hour, you will begin to lose tha ability to log in to the domain. After a little while the Domain controllers will begin to fail. It is really nasty.

J
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
windows 2000 3 430
Visual C++ Runtime Error on Windows 2000 Server 2 1,508
Migrate Windows NT to Windows 2003 2 513
Images sometimes not printed 6 482
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
When you have clients or friends from around the world, it becomes a challenge to arrange a meeting or effectively manage your time. This is where Outlook's capability to show 2 time zones in one calendar comes in handy.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question