Sign in with
Sign up | Sign in
Your question

Applying shutdown script by local GPO

Last response: in Windows 2000/NT
Share
Anonymous
October 31, 2004 1:40:00 PM

Archived from groups: microsoft.public.win2000.group_policy (More info?)

Hi,

our network consists of Win2000 and XP workstations in an AD environment
(Win Server 2003). Group policies are applied from the domain
controllers in the usual way.

Now I want to do the following:

- Some mobile users must run a script on logout and shutdown even when
they are NOT on the (companies) network.

- The users must always login to the domain (and not local) even when
they are not connected to the network (using cached credentials).

I thought the easyest way of doing this would be to configure a local
group policy setting on these machines defining the shutdown/logout
scripts.

But these are never executed. They only run when the user logs in the
local computer (what I don't want them to do because they can start a
VPN connection later and use their cached login information to access
resources).

I can't apply the scripts by GPOs from the domain controller because the
scripts must be run from a local directory on the client's machine so
that they can be executed even if there is no network connection.

So, how can I apply local computer and user policies when a user does a
domain logon on this machine?

Thanks for your help.

Jens
Anonymous
November 1, 2004 12:56:36 PM

Archived from groups: microsoft.public.win2000.group_policy (More info?)

Could you place the login script(s) on the user's computer, and just
shortcut to the scripts in the startup group?

Ken


"Jens Hassler" <lukey@gmx.de> wrote in message
news:9Ju$acoHqNB.lukey@gmx.de...
> Hi,
>
> our network consists of Win2000 and XP workstations in an AD environment
> (Win Server 2003). Group policies are applied from the domain
> controllers in the usual way.
>
> Now I want to do the following:
>
> - Some mobile users must run a script on logout and shutdown even when
> they are NOT on the (companies) network.
>
> - The users must always login to the domain (and not local) even when
> they are not connected to the network (using cached credentials).
>
> I thought the easyest way of doing this would be to configure a local
> group policy setting on these machines defining the shutdown/logout
> scripts.
>
> But these are never executed. They only run when the user logs in the
> local computer (what I don't want them to do because they can start a
> VPN connection later and use their cached login information to access
> resources).
>
> I can't apply the scripts by GPOs from the domain controller because the
> scripts must be run from a local directory on the client's machine so
> that they can be executed even if there is no network connection.
>
> So, how can I apply local computer and user policies when a user does a
> domain logon on this machine?
>
> Thanks for your help.
>
> Jens
!