Archived from groups: microsoft.public.win2000.security (
More info?)
Mark wrote:
> I would like to know if it is possible to create a GPO that will
> reference a pre-configured HOSTS file? I know it is possible to
> use Software Restriction Policies to restrict .exe from running
> on desktops, but i can't seem to find anywhere that will discuss
> pushing out a HOSTS file. I know that SMS will do this, but i am
> not using SMS on my network. Any information would be appreciated.
Hi
If the users are local admins, you can do it in a logon script, and
if not, you could do it in a computer startup script (with a GPO)
that runs as part of the boot up process (before the user logs in).
It runs under the system context and has admin rights.
To obtain the path to the hosts file on the local computer, this
is how to do it with a VBScript:
'--------------------8<----------------------
Set oShell = CreateObject("WScript.Shell")
sRegValue = "HKLM\SYSTEM\CurrentControlSet\Services" _
& "\Tcpip\Parameters\DataBasePath"
sHostsPath = oShell.RegRead(sRegValue)
WScript.Echo "Path to host file: " & sHostsPath
'--------------------8<----------------------
To be able to get the pre-configured hosts file over the network from
the computer startup script, you could put the file(s) on a network
share and grant read access for the AD group "Domain Computers" to the
share.
Alternatively, from the startup script, you could map a drive on
the fly, like this:
'--------------------8<----------------------
sDomainUser = "arp.corp\computer_fix"
sPswd = "something"
Set oNetwork = CreateObject("Wscript.Network")
oNetwork.MapNetworkDrive _
"Y:", "\\server\netlogon\some folder",, sDomainUser, sPswd
'--------------------8<----------------------
--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx
Facebook
Twitter
Instagram