Solved

Powershell Logon Script under Windows XP

Posted on 2011-09-12
3
884 Views
Last Modified: 2012-05-12
I would like to run a Powershell Logon Script on a group of our Windows XP clients.  The XP clients are joined to our domain server which is running Server 2008 R2.  My problem is that XP does not seem to support the AD Logon Script Tab that is specifically for Powershell scripts.

My 'work around' was to use the normal logon script tab and call my script as a "Script Parameter" to powershell.exe.  This was working until I tested the policy on a user account which has the powershell.exe program blocked as not allowed to run.  We block powershell.exe so that users cannot get into powershell and run commands through it.

Is there a better way for me to restrict my users from using powershell but still be able to run my powershell script as a LOGON script?

I realize this is a rather long question, also with the number of things involved I had difficulty placing it in the right zone.  Sorry if I got the zone wrong.
0
Comment
Question by:januismer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 36567191
Since you are attempting to run a PS script, you need to call the PS exe and pass the script parameters to it.  You should unblock the exe on the workstations so it can run.

A normal user can't do a whole lot with PS, so I wouldn't be concerned with that.  Besides, if any user really figures out how to use PS you should bring them onto your IT Team!

0
 
LVL 1

Author Comment

by:januismer
ID: 36569006
Netman66, unfortunately our environment is a school and as you may know, anything that a student can get access to they will use to mess with your systems and circumvent your security.  We cannot take the risk that a student user may gain access to Powershell and begin running commands through it.

It is starting to look like I may just have to bite the bullet and re-create my scripts in a non-powershell language.  Any more comments are still appreciated.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 36569124
While I agree that schools are a challenge, you can't do anything Administratively without Admin rights.

Since you know a fair bit about PS already, try running it as a normal user and see what you can do that is not something they can already do using the GUI.

0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
My attempt to use PowerShell and other great resources found online to simplify the deployment of Office 365 ProPlus client components to any workstation that needs it, regardless of existing Office components that may be needing attention.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question