Solved

500 POINTS - ADD STATIC ROUTE VIA DOMAIN CONTROLLER AND GROUP POLICY

Posted on 2006-11-13
2
4,111 Views
Last Modified: 2008-01-09
I created a batch file that runs on global policy permissions under startup. It runs a simple route add statement. This works great for users that are Administrators but not at all for users that are basic users because route add statements can't be run due to a policy locking them down. Is there anyway to get this batch file to work without giving users the ability to modify any other network settings on there pc, or is there a way I can get group policy to just write this static route directly without requiring a batch file?

The computers are all Windows XP Professional SP2 and the AD is on Windows 2003 SP1.
0
Comment
Question by:ScubeduFan
2 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17932107
I would recommend to use the sysinternals tool PSEXEC for this;

http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/PsExec.mspx

download the tool and it would be something like this;

1. From the AD extract all the computer names and store it in a file (You can get this from AD admin tool)

2. Download psexec and just run it like this from your machine;

psexec @filewithcomputernames -u administrator -p <password> route.bat

You can use the same batch file which you used earlier.

Cheers,
Rajesh
0
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 17932449
Define the script in a policy as a *computer* startup script (and apply it to the OU with the client machines in it), not as a user logon script. The computer startup script runs with System account permissions, which makes it possible to change the route.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
An article on effective troubleshooting
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question