GPO Login Script

Presentation

In this tutorial, we will see how to set up a GPO that will execute a logon script.

Logon scripts are usually in batch or vbs format, it is also possible to run PowerShell scripts.

The use of script in PowerShell requires to authorize the use of remote script (set-executionpolicy), it is also necessary to make sure to have the same version of PowerShell on all the computers, because from a version to another some cmdlet may be different or may not be available.

What you can do with a script:

  • Network drive mapping
  • Printer mapping
  • Editing the registry
  • Software installation / update / uninstall
  • Folder redirection
  • Message
  • ….

The main advantage of using a script is that it runs when the user session is open, which does not affect the logon time.

The main disadvantage that it is applied only once unlike the other Group Policy settings which are updated at regular intervals.

The use of script requires notions of development and to properly comment on them.

When retrieving scripts from the Internet, it is important to read and analyze them before applying them in your environment.

Implementation of a logon script

Open a “Run” window and enter the UNC address of the NETLOGON folder, \ domain-ad \ NETLOGON 1 and click OK 2.

Aller dans le dossier NETLOGON

Copy the script file 1 to the folder.

Copier le script d'ouverture de session

Copy the path of the script, select the file and make crlt + right click 1 and click on Copy as path 2.

Copier le chemin d'acces du script d'ouverture de session

Open the Group Policy Management console.

Console GPO

Create a new strategy, select the domain 1 and right click then Create a GPO in this domain, and link here … 2.

Création d'une stratégie

Name the strategy 1 and click OK 2.

Nom de la stratégie

Select your strategy 1, right click on it and click on Modify … 2.

Edition de la GPO

Navigate to the Scripts settings (login / logout) 1: User configuration> Policies> Windows settings. Double click on Login 2.

Paramètres

Click on Add … 1.

Ajouter un script d'ouverture de session

In the “Script name:” 1 field, copy the path then remove the quotes and click OK 2.

Copier le chemin du script d'ouverture de session

Check the script is selected 1, then click on Apply 2 and on OK 3.

Vérifier les parametres

The script 1 is visible in the Policy settings.

Paramètres de la GPO


Comments are not currently available for this post.