A few months ago a few experts helped me develop a script to delete user profiles that were in backup status (found here
). I have that script set to execute upon user login. That script works great, but only if logged in by an administrator. I have group policies set to prevent student access to registry editing, so each time a user logs in, the script is denied access to the registry
I have played around with a few workarounds, but so far have not been successful in making it work in my managed environment.
For example, I have found that if while logged in as a student and right-click on the file while holding the shift key that the option to run as a different user appears. When the proper credentials entered, it executes just fine. I just can't figure out how to make it work through Group Policy.
My clients are all running Windows 7 Professional and DCs are 2008 R2.
This wouldn't be an issue if the user profiles wouldn't end up in backup status...if I could prevent it from happening in the first place then that would be ideal. This is just a band-aid solution.