R
Robert
How can I set up a login (logon) script for an active
directory group so that the members are setup properly?
Thanks...
directory group so that the members are setup properly?
Thanks...
Robert said:How can I set up a login (logon) script for an active
directory group so that the members are setup properly?
-----Original Message-----
To have login script settings apply to different users based on group
membership, there are two ways you can go:
[1] Create multiple GPOs with a different login script in each. Then filter
the ACL of the GPO and grant "Read" and "Apply Group Policy" to -only- the
group in question:
Filter the scope of Group Policy according to security group membership
http://www.microsoft.com/resources/documentation/WindowsSe rv/2003/enterprise/proddocs/en-us/Default.asp?
url=/resources/documentation/WindowsServ/2003/enterprise/pr
oddocs/en-us/Filter.asp
[2] Create a single login script in a single GPO and use something like
KIXSTART or command-line utilities like ifmember.exe (Resource Kit) or
memberof.exe (www.joeware.net, in the Win32
C# downloads section) to do something like:
(Pseudocode only, this will not work syntactically):
If (memberof Accounting=true) {
copy "accountingapp.lnk" c:\documents and settings\% username%\desktop
}
Either one will work, which one you choose will depend on your environment -
replication, bandwidth, processing power of your clients, etc. (Whether you
want your clients processing multiple small GPOs or one single bigger one.)
--
******************************
Laura E. Hunter - MCSE, MCT, MVP
Replies to newsgroup only
How can I set up a login (logon) script for an active
directory group so that the members are setup properly?
Thanks...
.
Plus the 'if member' functionality is built in to the client. You need
no other add-ons.
Is there a batch file way to check for rights
on a dir so that I could test for it and map if the user
has rights? What I don't want is several copies of a
loginscript for the various groups...