Auto-allow Logon Scripts

[Brian]

Sorry if this has previously been asked, since I assume
it's a FAQ... I could not find anything in the 90+ pages
of messages :-(

For administrators who want to install software
automatically via a domain login script, and many times
silently, is there something that allows the admin (via
GPO or some registry entry) to bypass the user controlled
popup that may prevent them from installing required
software? By a registery entry, I mean one that says
domain login scripts are always allowed (not something a
spyware tool could abuse).

I am trying to install an SNMP agent on all our
desktop/laptop XP systems. It will install as a service
and set it to run automatically at startup. Many people
have installed the MSAS tool, and they can opt to block
it, which would be horrible. I would prefer to not have
any user intervention, or at the minimum a notice but no
capability to prevent it. Most will believe some spyware
has been loaded and try to uninstall it anyway if they see
the popup.

I know installing software via login scripts is not always
the best, but it is a common practice. This agent is only
one instance of the problem, and many others will be
running something via a login script and come across the
same problem.

Thanks in advance!

Brian

 

[Andre Da Costa]

http://support.microsoft.com/default.aspx?scid=kb;en-us;892375
--
Andre
Extended64 | http://www.extended64.com
Blog | http://www.extended64.com/blogs/andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

 

[Brian]

Thanks!

I hope this is just a beta bug, and not the permanent
solution. Disabling the proactive feature in a business
environment of hundreds or thousands of PC's is not
feasible.

And of course, the workaround won't work. If the user is
going to block a "required" installation, I doubt they
will help by disabling the real-time protection so it will
install. In effect, MSAS is a simple (and free) method to
block the admin's efforts to centrally manage the desktops.

 

[Andre Da Costa]

You will probably be satisfied by the Enterprise Edition of MSAS Microsoft
is said to be working on, since the current beta is not targetted to network
environments, maybe things will change in a future beta release.
--
Andre
Extended64 | http://www.extended64.com
Blog | http://www.extended64.com/blogs/andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

 

[Ron Chamberlin]

Hi Brian,
< In effect, MSAS is a simple (and free) method to block the admin's
efforts to centrally manage the desktops.>

Yuppers. Been there and tested that against my network folks several months
ago. Stopped them cold.

After this porduct hit sthe release stage, tehrer will be an Enterprise
version, which, we can hope, doesn't allow for shenanigans from the users
part.

Ron Chamberlin
MS-MVP