victor2008
asked on
login.bat in active directory. Can I apply the login script to my computers OU or does it need to be at the User OU?
I'm not able to move all my users in the User OU (long story). Is there a way to apply the login script to run on the computer? I usually create a gpo that runs a login.bat for users in my OU. I need login.bat to run for all computers. Can i create a gpo that runs the login.bat for my computers OU (under, Computer Configuration - Windows Settings - Scripts - Startup)?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
FF, screwed up , here is part 2--
via each computer's start-up folder:
Use a script to copy the logon script to each computer's "All Users" "Startup" folder as a hidden, system file (To ensure the average user will not see it).
The script that copies the logon script locally could be one which runs as a scheduled task on a domain controller, or it could be a start-up script you will apply to the Computers GPO.
Use SCHTasks to schedule a task to run the
via each computer's start-up folder:
Use a script to copy the logon script to each computer's "All Users" "Startup" folder as a hidden, system file (To ensure the average user will not see it).
The script that copies the logon script locally could be one which runs as a scheduled task on a domain controller, or it could be a start-up script you will apply to the Computers GPO.
Use SCHTasks to schedule a task to run the
FF, screwed up , here is part 2------again--
Via each computer's start-up folder:
Use a script to copy the logon script to each computer's "All Users" "Startup" folder as a hidden, system file (To ensure the average user will not see it).
The script that is placed on each client machine should only have 1 line, which will set the ECHO off and then will CALL the actual logon script from your domain controller If it exists (See attached example) NOTE: You can put a link to the batch file on the domain controller instead if you prefer.
The script that copies the logon script locally could be one which runs as a scheduled task on a domain controller, or it could be a start-up script you will apply to the Computers GPO.
Via Scheduled tasks on each computer:
Use SCHTasks to schedule a task to run each of the client computers. That task will be a direct invocation of the script on the domain controller (similar to the last option except there is no file you need to use to do it.
To schedule your batch file on each computer you can use a start-up GPO to get it done on each machine next time it's restarted, or you can write a script to schedule the task on every computer that does not have it, which runs regularly on the domain controller.
Note in the following examples you supply the parts within the []s:
To schedule the task on the computer executing the command:
schtasks /Create /RU ["Run-As"-Username] /RP ["Run-As"-Password] /SC ONLOGON /TN ["RunLogonScript"] /TR ["\\MyDomain.Com\NETLOGON\ LogonScrip t.bat"]
To Schedule the task on different computer:
schtasks /Create /S [ComputerName] /U [Username_To_Connect-To-Th e-Computer ] /P [Password_To_Connect-To-Th e-Computer ] /RU ["Run-As"-Username] /RP ["Run-As"-Password] /SC ONLOGON /TN ["RunLogonScript"] /TR ["\\MyDomain.Com\NETLOGON\ LogonScrip t.bat"]
Via each computer's start-up folder:
Use a script to copy the logon script to each computer's "All Users" "Startup" folder as a hidden, system file (To ensure the average user will not see it).
The script that is placed on each client machine should only have 1 line, which will set the ECHO off and then will CALL the actual logon script from your domain controller If it exists (See attached example) NOTE: You can put a link to the batch file on the domain controller instead if you prefer.
The script that copies the logon script locally could be one which runs as a scheduled task on a domain controller, or it could be a start-up script you will apply to the Computers GPO.
Via Scheduled tasks on each computer:
Use SCHTasks to schedule a task to run each of the client computers. That task will be a direct invocation of the script on the domain controller (similar to the last option except there is no file you need to use to do it.
To schedule your batch file on each computer you can use a start-up GPO to get it done on each machine next time it's restarted, or you can write a script to schedule the task on every computer that does not have it, which runs regularly on the domain controller.
Note in the following examples you supply the parts within the []s:
To schedule the task on the computer executing the command:
schtasks /Create /RU ["Run-As"-Username] /RP ["Run-As"-Password] /SC ONLOGON /TN ["RunLogonScript"] /TR ["\\MyDomain.Com\NETLOGON\
To Schedule the task on different computer:
schtasks /Create /S [ComputerName] /U [Username_To_Connect-To-Th
@ECHO OFF& IF EXIST "\\MyDomain.Com\NETLOGON\LogonScript.bat" CALL "\\MyDomain.Com\NETLOGON\LogonScript.bat"
Thanks for the points mate! ~Q
If you set up a startup script in the OU, that script will run for the computer regardless of user. But that script will run once on the computer at startup, not multiple times on each user login.
What you can do though is go old-school. Instead of specifying the login script in Active Directory policies, specify the login script in the user account (Profile tab).