Solved

500 POINTS - ADD STATIC ROUTE VIA DOMAIN CONTROLLER AND GROUP POLICY

Posted on 2006-11-13
2
4,004 Views
Last Modified: 2008-01-09
I created a batch file that runs on global policy permissions under startup. It runs a simple route add statement. This works great for users that are Administrators but not at all for users that are basic users because route add statements can't be run due to a policy locking them down. Is there anyway to get this batch file to work without giving users the ability to modify any other network settings on there pc, or is there a way I can get group policy to just write this static route directly without requiring a batch file?

The computers are all Windows XP Professional SP2 and the AD is on Windows 2003 SP1.
0
Comment
Question by:ScubeduFan
2 Comments
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
I would recommend to use the sysinternals tool PSEXEC for this;

http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/PsExec.mspx

download the tool and it would be something like this;

1. From the AD extract all the computer names and store it in a file (You can get this from AD admin tool)

2. Download psexec and just run it like this from your machine;

psexec @filewithcomputernames -u administrator -p <password> route.bat

You can use the same batch file which you used earlier.

Cheers,
Rajesh
0
 
LVL 82

Accepted Solution

by:
oBdA earned 500 total points
Comment Utility
Define the script in a policy as a *computer* startup script (and apply it to the OU with the client machines in it), not as a user logon script. The computer startup script runs with System account permissions, which makes it possible to change the route.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Offline files query 1 36
Microsoft AD for Secure LDAP 3 39
restore DAG configuration 1 25
Server 2008 Cluster Fail-over Errors 5 40
Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
This video discusses moving either the default database or any database to a new volume.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now