[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 647
  • Last Modified:

Logon Script Does not Run for domain admins

I have a mixed domain, with my primary domain controller being SERVER 2008, several secondary 2008 controllers, and a couple older 2003 controllers.  I have logon scripts specified in both GPO and in the in Active Directory for all users.  Old servers used AD specified, and eventually we moved towards GPO based Logon Scripts.  The logon scripts run great for everyone, but the domain admins, and they get no logon script at all.  I have checked all the permissions I can find.
 Any one have any insight on this?
  • 2
1 Solution
rongillisAuthor Commented:
I should add, that if I manually browse to the \\DC\netlogon share, I can run the script fine
After logon to the system check the rsop.msc command to know which policy is applied.

Chandar Singh
Premkumar YogeswaranCommented:
Can you check whether the group policy is applying to the domain admin's user...?
Premkumar YogeswaranCommented:
Check whether Domain Admins group have deny permission in Group Policy.
Follow the steps below..!
Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
In the left console tree, right-click the name of the domain to which the policy is applied, and then click Properties.
Click the Group Policy tab.
Click the group policy object that you do not want to apply to administrators. By default, the only policy that is listed in the window is the Default Domain Policy.
Click Properties, and then click the Security tab.
Select Domain Admin Group check "Apply" Group policy
Also follow the same steps in the OU which the user belongs to...!

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now