How do I copy file to a client's system folder using gpo

certuran
certuran used Ask the Experts™
on
In a domain I need to copy a file (hosts) to the clients c:\windows\system32\drivers\etc.
Clients don't have local administrator rigths.
I want to use gpo
I have found script for runas. It works but when I use copy as a "command" it does not work. Also I can not call a batch file using runas

Dim objShell : Set objShell = CreateObject("Wscript.Shell")
strPassword = "password"
strCommand = "command"
 
objShell.Run "Runas /user:Administrator " & strCommand
wscript.sleep 2500 'wait 2.5 seconds
objShell.AppActivate "Runas.exe"
objShell.Sendkeys strPassword
objShell.SendKeys "~"

What should I do to finalize the method above or is there any other solution to copy file to clients?

Thank you
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
How about using the Files Preferences within a GPO?

Computer Configuration -> Preferences -> Windows Settings -> Files

Source file(s): \\DC1\Files\hosts
Destination File: c:\windows\system32\drivers\etc\hosts

Author

Commented:
For the Windows 2003 GPO "Computer Configuration -> Preferences -> Windows Settings -> Files"
is not available. We are still using 2003. Could you plese suggest another way.
Thank you
Darren CollinsTech Lead (Windows), Endpoint Device Management Services

Commented:
I suggest using a computer startup script.  Startup scripts can run as the local SYSTEM user account.  Do not confuse startup script with logon scripts which run as the user.

the startup script gpo is described here:
http://www.windowsitpro.com/article/permissions/adding-startup-scripts-to-gpos

Then you can have a startup script that just runs the "copy" from a network location.  Please note that the network share needs to have read access to 'Domain Computers' in order that the local SYSTEM account can see it.

E.g. network location:   \\server1\share1\newhosts.txt  - Folder  \\server1\share1\ needs 'Domain Computers' to have read access.

Script:
Set NEWHOSTS=\\server1\share1\newhosts.txt
Copy /Y "%NEWHOSTS%" c:\windows\system32\drivers\etc\hosts 

Open in new window


Hope this helps,
Daz
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
Thank you for detailed guide. I will implement it soon possibly tomorrow. And inform you.
Certuran

Author

Commented:
Dear Daz, it worked well. Before choosing Accept as Solution may I ask that could it be any "User Configuration" solution.
Tech Lead (Windows), Endpoint Device Management Services
Commented:
Startup scripts are 'Computer Configuration', necessarily because they run as System ans execute before any user has logged on.

'User Configuration' scripts can only be logon or logoff scripts which always run in the users context.  They only have access to things that the user already has access to and they run at the time the user actually logs on or off.  For example, if all your users had change access to the 'hosts' file you could have amended it using a logon script under 'User Configuration'.

Therefore you can't use a User Configuration GPO to change anything that the user does not have access to.  Plus, I believe it is good practice to use a 'per machine' solution to set 'per machine' settings, like 'Computer Configuration' GPOs (including startup and shutdown scripts), or scheduled tasks that run as SYSTEM, or a computer management tool like SCCM, Altiris etc.

Hope this helps,
Daz.

Author

Commented:
This is the very formal and pinpoint solution of this kind of request. It worked well. Thank you very much.
certuran

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial