Solved

ADMs and GPOs

Posted on 2006-11-30
7
436 Views
Last Modified: 2010-04-18
Is the limit of effect of an ADM script the writing/reading of a target system's registry? Or, are there FSO (file system) or WMI elemets which can be manipulated?
Thank you!
JohnD
0
Comment
Question by:johndarby
  • 3
  • 3
7 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 18049477
You can for example set permissions on files through computer config - windows settings - security settings
0
 
LVL 1

Author Comment

by:johndarby
ID: 18049962
Thanks McKnife. I know about GPOs, but am unsure about my options in importing a Administrative rule (ADM script) into a particular GPO?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 18050115
You can have an ADM that is a system policy, yes.  When you import it, you'll need to make sure your Filtering is set in Group Policy Editor - uncheck the box for "only show policy settings that can be fully managed".  This should allow you to see any custom work.

0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 1

Author Comment

by:johndarby
ID: 18050138
Does the ADM only allow for registry edits on clients?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 18050160
Not as it is, no - you need a custom ADM.  The only thing native that is included is changing permissions on keys.

If you can't figure out how to create the ADM, then use a GPO to call a script that runs REG or REGEDIT /s or pure VBScript to modify the keys.

0
 
LVL 1

Author Comment

by:johndarby
ID: 18050235
Ahh, then if I can call a VBScript from an ADM, the sky is the limit since I have access to all the methods and properties it can access through WMI, FSO and ADSI!
0
 
LVL 51

Expert Comment

by:Netman66
ID: 18050264
You bet.

You have 4 choices.

Computer Configuration>Windows Settings>Scripts = Startup or Shutdown

User Configuration>Windows Settings>Scripts = Logon or Logoff

The computer scripts execute in the SYSTEM context - keep in mind to use UNC paths in the scripts since no mapped drives exist outside a profile.

The User scripts execute in the context of the user unless elevated using runas or impersonate.

Have fun!
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question