GPO Login Script

Presentation

In this tutorial, we will see how to set up a GPO that will execute a logon script.

Logon scripts are usually in batch or vbs format, it is also possible to run PowerShell scripts.

The use of script in PowerShell requires to authorize the use of remote script (set-executionpolicy), it is also necessary to make sure to have the same version of PowerShell on all the computers, because from a version to another some cmdlet may be different or may not be available.

What you can do with a script:

  • Network drive mapping
  • Printer mapping
  • Editing the registry
  • Software installation / update / uninstall
  • Folder redirection
  • Message
  • ….

The main advantage of using a script is that it runs when the user session is open, which does not affect the logon time.

The main disadvantage that it is applied only once unlike the other Group Policy settings which are updated at regular intervals.

The use of script requires notions of development and to properly comment on them.

When retrieving scripts from the Internet, it is important to read and analyze them before applying them in your environment.

Implementation of a logon script

Open a “Run” window and enter the UNC address of the NETLOGON folder, \ domain-ad \ NETLOGON 1 and click OK 2.

Aller dans le dossier NETLOGON

Copy the script file 1 to the folder.

Copier le script d'ouverture de session

Copy the path of the script, select the file and make crlt + right click 1 and click on Copy as path 2.

Copier le chemin d'acces du script d'ouverture de session

Open the Group Policy Management console.

Console GPO

Create a new strategy, select the domain 1 and right click then Create a GPO in this domain, and link here … 2.

Création d'une stratégie

Name the strategy 1 and click OK 2.

Nom de la stratégie

Select your strategy 1, right click on it and click on Modify … 2.

Edition de la GPO

Navigate to the Scripts settings (login / logout) 1: User configuration> Policies> Windows settings. Double click on Login 2.

Paramètres

Click on Add … 1.

Ajouter un script d'ouverture de session

In the “Script name:” 1 field, copy the path then remove the quotes and click OK 2.

Copier le chemin du script d'ouverture de session

Check the script is selected 1, then click on Apply 2 and on OK 3.

Vérifier les parametres

The script 1 is visible in the Policy settings.

Paramètres de la GPO


Related Posts


GPO: Enabling and Configuring WinRM – Remote Management

Table Of ContentsPresentationGPO for WinRMConfiguring WinRMService configuration Presentation In this tutorial, we will have how to enable and configure remote management (WinRM - Windows Remote Manag

GPO: Installing the FusionInventory Agent

Introduction Following the many messages I can see on the forum concerning the installation of the Agent FusionInventory, I will explain how I have been doing for several years. In this article, I'll

WSUS: Set up client-side targeting

Presentation The client-side targeting on WSUS, when enabled, allows you to directly assign to a group declare in the console. This declaration is not done GPO or by modifying the register of the cust