Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Problem with Group Policy "Screen Saver Executable Name"

Posted on 2006-06-28
9
Medium Priority
?
662 Views
Last Modified: 2012-06-21
Hi

Windows 2003 server domain with XP workstations.

I'm using the Group Policy Editor to apply the Winexit.scr screensaver, so that the domain user is automatically logged off the workstation after a certain period of inactivity. I made the necessary changes to the winexit.scr, then put this file in a share on the fileserver, and pointed the Screen Saver Executable Name GPO to it.

So far so good.

Problem now is that the user doesn't have access to the registry, so when the GPO first tries to implement the screensaver & settings, the user gets an error message:

Erro Encountered while creating registry key. Make sure you have Set Value and Create SubKey permissions.

So there's some permessions I need to set in the registry for each user. What's the easiest way to centrally, automatically do that?

Thanks
0
Comment
Question by:Jason210
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
9 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 1500 total points
ID: 17004097
The easiest way I have found to deploy this is two steps...

1. Copy the screensaver to the relevant location using a login script.
2. Then set the GP using just the executable name.

By copying across with the script it runs in a different context and has the permissions to put the file in the right location.

Simon.
0
 
LVL 11

Author Comment

by:Jason210
ID: 17004192
So I need to copy it to each machine? But that only needs to be done once....

And in (2) you mean I omit the path completely?
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 1500 total points
ID: 17004215
Yes - copy to each machine. If you are clever with login scripts then you can get it to detect that the file is already there and not try and copy it each time.
And I do mean remove the path completely. Test it with one of the default screensavers first if you want to be sure.

Simon.
0
Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

 
LVL 11

Author Comment

by:Jason210
ID: 17004245
Ok, thanks. So now i need a good script....


points increased ;-)
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 1500 total points
ID: 17004874
0
 
LVL 11

Author Comment

by:Jason210
ID: 17008320
Thanks.

Slight modification seemed to work. I tagged this on to the end of the logon script:

if exist "c:\WINDOWS\system32\winexit.scr" goto yes
copy \\servername\Screensaver$\winexit.scr c:\WINDOWS\system32

:yes
0
 
LVL 11

Author Comment

by:Jason210
ID: 17008491
Having deployed the winexit file, and changed the GP using just the executable name, I tested it out, and still get this registry error message.

I have made a GP earlier that prevents users from editing the registry - could it be the cause?
0
 
LVL 11

Author Comment

by:Jason210
ID: 17008757
Apparently this particular screen saver doesn't work for oridinary users.

http://support.microsoft.com/?kbid=156677

I need to go in and change the registry key permissions.

Manually, this is a no-goer, but I could run a special one-time only script to do it. Apparently, I need to use some software called SubInACL.exe

So, I'm closing this question on a B and posting a new one on how to use this SubInACL.exe in a script to change the resgistry settings.

Many thanks
Jason
0
 
LVL 11

Author Comment

by:Jason210
ID: 17008798
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question