Problem with Group Policy "Screen Saver Executable Name"
Hi
Windows 2003 server domain with XP workstations.
I'm using the Group Policy Editor to apply the Winexit.scr screensaver, so that the domain user is automatically logged off the workstation after a certain period of inactivity. I made the necessary changes to the winexit.scr, then put this file in a share on the fileserver, and pointed the Screen Saver Executable Name GPO to it.
So far so good.
Problem now is that the user doesn't have access to the registry, so when the GPO first tries to implement the screensaver & settings, the user gets an error message:
Erro Encountered while creating registry key. Make sure you have Set Value and Create SubKey permissions.
So there's some permessions I need to set in the registry for each user. What's the easiest way to centrally, automatically do that?
Thanks
Windows 2003 server domain with XP workstations.
I'm using the Group Policy Editor to apply the Winexit.scr screensaver, so that the domain user is automatically logged off the workstation after a certain period of inactivity. I made the necessary changes to the winexit.scr, then put this file in a share on the fileserver, and pointed the Screen Saver Executable Name GPO to it.
So far so good.
Problem now is that the user doesn't have access to the registry, so when the GPO first tries to implement the screensaver & settings, the user gets an error message:
Erro Encountered while creating registry key. Make sure you have Set Value and Create SubKey permissions.
So there's some permessions I need to set in the registry for each user. What's the easiest way to centrally, automatically do that?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, thanks. So now i need a good script....
points increased ;-)
points increased ;-)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks.
Slight modification seemed to work. I tagged this on to the end of the logon script:
if exist "c:\WINDOWS\system32\winex
copy \\servername\Screensaver$\
:yes
Slight modification seemed to work. I tagged this on to the end of the logon script:
if exist "c:\WINDOWS\system32\winex
copy \\servername\Screensaver$\
:yes
ASKER
Having deployed the winexit file, and changed the GP using just the executable name, I tested it out, and still get this registry error message.
I have made a GP earlier that prevents users from editing the registry - could it be the cause?
I have made a GP earlier that prevents users from editing the registry - could it be the cause?
ASKER
Apparently this particular screen saver doesn't work for oridinary users.
http://support.microsoft.com/?kbid=156677
I need to go in and change the registry key permissions.
Manually, this is a no-goer, but I could run a special one-time only script to do it. Apparently, I need to use some software called SubInACL.exe
So, I'm closing this question on a B and posting a new one on how to use this SubInACL.exe in a script to change the resgistry settings.
Many thanks
Jason
http://support.microsoft.com/?kbid=156677
I need to go in and change the registry key permissions.
Manually, this is a no-goer, but I could run a special one-time only script to do it. Apparently, I need to use some software called SubInACL.exe
So, I'm closing this question on a B and posting a new one on how to use this SubInACL.exe in a script to change the resgistry settings.
Many thanks
Jason
ASKER
ASKER
And in (2) you mean I omit the path completely?