GPO: Run a script when the computer starts

Presentation

In this article, we will see how to set up a script that runs at startup of the post using Group Policy (GPO).

The advantage of using this type of script is that it is executed with the Administrators rights, which makes it possible to launch software installations on the workstation without any elevation of rights.

The other interest, in my opinion, is to target the actions at the non-user computer level, if we take the example of the printer mapping, a person from the accounting department connects temporarily to a station of the communication service, the two services being in two different buildings, it makes more sense to map printers based on the station than the user. It is the same with software installations, if the accounting posts have specific applications that are installed by scripts at logon, the application will be installed on the station of the communication.

Prerequisites

Prepare the script to set up and copy it to the domain controller (Desktop / Documents).

Script of the tutorial written in the Windows event log that validates its execution.

On Error Resume Next 
Dim WshShell
Set WshShell = Wscript.CreateObject("Wscript.shell")
WshShell.LogEvent 4, "--- RDR-IT : Script ouverture de poste ---"

Implementation of the GPO

1. Open the Group Policy Management Console, right-click 1 on the location where the policy is to be applied and click Create GPO in this field, and link it here 2 .
GPO console

2. Give the GPO 1 a name and click OK 2 .
GPO name

3. Right click on the 1 strategy and click on Edit 2 .
Edit GPO

4. Go to Computer Configuration / Policies / Windows Settings and open Scripts (Start / Stop) 1 .
Open scripts

5. Double-click on Start 1 to open the configuration window.
Startup

6. Click on Add 1 .
Click add

7. Click Browse 1 .
Browse

8. Copy the script 1 then select the file 2 and click on Open 3 .
Select script

9. Click OK 1 to add the script.
Add script

10. The script added in the properties, click Apply 1 then OK 2 .
Apply strategie

11. The strategy is ready.
Overview

Validate the operation of the strategy

Manipulation to do on a post where the strategy is applied.

If the station is already on, it must be restarted, because the script is run once at startup. The gpupdate command will not launch the script.

The script used for this article, written in the Application Log of the Event Viewer, verify that the event is logged.

observer events

Conclusion

The startup script allows actions to be performed directly on the computer even before a user session has been opened.

If the script uses network shares, verify that domain computers have access.


How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

We are sorry that this post was not useful for you!

Let us improve this post!



Related Posts


GPO: deploy msi applications
Presentation In this article, we will see how to deploy applications in MSI format using Group Policy (GPO). There are two deployment modes : Assigned: Applies mainly to computers, program installation is forced. Published: applies only to users, thi

Printer mapping: GPO and Script
When setting up an Active Directory, one of the things you want to set up automatically is the printer mapping to the different users. Before setting up GPOs, you must have shared your printers. As for mapping network drives, I'll introduce you to tw

WSUS: Set up client-side targeting
Presentation The client-side targeting on WSUS, when enabled, allows you to directly assign to a group declare in the console. This declaration is not done GPO or by modifying the register of the customer workstation. %start_p_primary%Once activated,

Leave a Comment