GPO Login Script


In this tutorial, we will see how to set up a GPO that will execute a logon script.

Logon scripts are usually in batch or vbs format, it is also possible to run PowerShell scripts.

The use of script in PowerShell requires to authorize the use of remote script (set-executionpolicy), it is also necessary to make sure to have the same version of PowerShell on all the computers, because from a version to another some cmdlet may be different or may not be available.

What you can do with a script:

  • Network drive mapping
  • Printer mapping
  • Editing the registry
  • Software installation / update / uninstall
  • Folder redirection
  • Message
  • ….

The main advantage of using a script is that it runs when the user session is open, which does not affect the logon time.

The main disadvantage that it is applied only once unlike the other Group Policy settings which are updated at regular intervals.

The use of script requires notions of development and to properly comment on them.

When retrieving scripts from the Internet, it is important to read and analyze them before applying them in your environment.

Implementation of a logon script

Open a “Run” window and enter the UNC address of the NETLOGON folder, \ domain-ad \ NETLOGON 1 and click OK 2.

Aller dans le dossier NETLOGON

Copy the script file 1 to the folder.

Copier le script d'ouverture de session

Copy the path of the script, select the file and make crlt + right click 1 and click on Copy as path 2.

Copier le chemin d'acces du script d'ouverture de session

Open the Group Policy Management console.

Console GPO

Create a new strategy, select the domain 1 and right click then Create a GPO in this domain, and link here … 2.

Création d'une stratégie

Name the strategy 1 and click OK 2.

Nom de la stratégie

Select your strategy 1, right click on it and click on Modify … 2.

Edition de la GPO

Navigate to the Scripts settings (login / logout) 1: User configuration> Policies> Windows settings. Double click on Login 2.


Click on Add … 1.

Ajouter un script d'ouverture de session

In the “Script name:” 1 field, copy the path then remove the quotes and click OK 2.

Copier le chemin du script d'ouverture de session

Check the script is selected 1, then click on Apply 2 and on OK 3.

Vérifier les parametres

The script 1 is visible in the Policy settings.

Paramètres de la GPO

Related Posts

Active Directory: Multi Site, Subnet, and Replication Configuration

Presentation In this tutorial, we will approach the notions of Active Directory sites as well as subnets. Active Directory sites can optimize management in multi-site / network infrastructures by: Man

AppLocker : configuration in an Active Directory environment

SommairePresentationPrerequisitesGPO : AppLocker configurationValidate the functioning of AppLockerConclusion Presentation In this tutorial, we will see how to configure AppLocker in an Active Directo

GPO: Deploy RemoteApp Programs

Introduction In this tutorial we will see how to deploy RemoteApp configured by Group Policy (GPO) on an RDS farm. Prerequisites The deployment of the RDS farm must have: A server with the RD Web Acce

Scroll to Top