l am trying to run a GPO on all domain computers (all xp pro sp3) that will do the following via vbscript: time sync with one of our DC's (2k3 sp2), change the timezone, and offset the time.
I have manually tested each script, and they work fine. The problem is with getting the GPO to run all 3. The scripts are stored in a netlogon folder.
I have tried setting this up as startup scripts, but the scripts do not run.In some places, I have read that the local system account does not have access to network resources. In others, I have read that giving Domain Computers Read/Execute permissions should allow the system account access. I have tried that method, but no dice. Eventvwr shows the following error: Source: Userinit Error ID: 1000 Could not execute \\<domain controller>\netlogon\*.vbs. Access is denied. Is there somewhere else, other than the folders/files, that I need to give Domain Computers permissions?
I have also tried running these as logon scripts. I changed the system configurations to allow standard users to change their system time, however, I have not found an option in GPM to allow the standard user to change timezone. So, this method isn't doing it for me either.
I have read of other ways to make this work, such as: setting the logon scripts to run-as, building an msi, etc. I am not very experienced with GPO's, or vbscript so any suggestions on how to properly create this GPO would be appreciate. I prefer the easy way out, other than going to each machine and running these scripts manually.
Thanks in advance for the help.