Solved

ADMs and GPOs

Posted on 2006-11-30
7
434 Views
Last Modified: 2010-04-18
Is the limit of effect of an ADM script the writing/reading of a target system's registry? Or, are there FSO (file system) or WMI elemets which can be manipulated?
Thank you!
JohnD
0
Comment
Question by:johndarby
  • 3
  • 3
7 Comments
 
LVL 53

Expert Comment

by:McKnife
ID: 18049477
You can for example set permissions on files through computer config - windows settings - security settings
0
 
LVL 1

Author Comment

by:johndarby
ID: 18049962
Thanks McKnife. I know about GPOs, but am unsure about my options in importing a Administrative rule (ADM script) into a particular GPO?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 18050115
You can have an ADM that is a system policy, yes.  When you import it, you'll need to make sure your Filtering is set in Group Policy Editor - uncheck the box for "only show policy settings that can be fully managed".  This should allow you to see any custom work.

0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:johndarby
ID: 18050138
Does the ADM only allow for registry edits on clients?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 18050160
Not as it is, no - you need a custom ADM.  The only thing native that is included is changing permissions on keys.

If you can't figure out how to create the ADM, then use a GPO to call a script that runs REG or REGEDIT /s or pure VBScript to modify the keys.

0
 
LVL 1

Author Comment

by:johndarby
ID: 18050235
Ahh, then if I can call a VBScript from an ADM, the sky is the limit since I have access to all the methods and properties it can access through WMI, FSO and ADSI!
0
 
LVL 51

Expert Comment

by:Netman66
ID: 18050264
You bet.

You have 4 choices.

Computer Configuration>Windows Settings>Scripts = Startup or Shutdown

User Configuration>Windows Settings>Scripts = Logon or Logoff

The computer scripts execute in the SYSTEM context - keep in mind to use UNC paths in the scripts since no mapped drives exist outside a profile.

The User scripts execute in the context of the user unless elevated using runas or impersonate.

Have fun!
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thiā€¦
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now