N
NMITGUY
Hi Folks;
I have the following situation. I am in a local OU in an AD tree. I
have administrative control over all local computers, however control of the
OU GPO is upstream, and not local. I have a mixture of XPSP2 and Win2KSP4
machines (mostly XP, but a reasonable number of Win2K).
We recently went through a corporate level change, wherein corporate is
no longer supporting SUS, and the prefered solution has become SMS. The
local update solution (not my choice) is WSUS, updating from Microsoft, and
only approving what corporate approves.
I have successfully installed, updated, and done the proper approvals.
It is now time to change the URL of the update server XX.XX.XX.Z to
XX.XX.XX.Y:NNNN
on more than several hundred clients. I have written a script which allows
me to see, and open, and modify a remote client's local group policy settings
in a gpedit editing session on my local (XPSP2) machine. The group policy
that is written back to the client follows the .adm template on my local
machine and is (especially for the Win2K machines) incorrect, causing
truncation errors when you open gpedit locally on the machine that has been
remotely managed (the URL of the update server shows that it has been
properly changed when group policies are remotely viewed, regardless of the
errors when it accessed locally).
I am close to being able to modify this setting remotely from my desk,
and yet at the same time a long way from it (the final process must be bullet
proof across the client range of OS' (Win2K and XP). I can alter the
registry remotely, however, the next time that group policy updates, it would
rewrite the old values. I have two versions of the script that allows remote
manipulation, one in VBScript, the other a cmd file. Below are the three
line contents of the .cmd file
@echo off
set /p remote="Please enter the IP of the remote computer : "
c:\windows\system32\cmd.exe /c gpedit.msc /gpcomputer:"%remote%"
P.S.
I have tried filtering in my gpedit view so that only properties applicable
to Win2K show, but to no avail. I still get truncation errors when opening
the group policy on the local computer after a remote edit on the Win2K boxes.
I have the following situation. I am in a local OU in an AD tree. I
have administrative control over all local computers, however control of the
OU GPO is upstream, and not local. I have a mixture of XPSP2 and Win2KSP4
machines (mostly XP, but a reasonable number of Win2K).
We recently went through a corporate level change, wherein corporate is
no longer supporting SUS, and the prefered solution has become SMS. The
local update solution (not my choice) is WSUS, updating from Microsoft, and
only approving what corporate approves.
I have successfully installed, updated, and done the proper approvals.
It is now time to change the URL of the update server XX.XX.XX.Z to
XX.XX.XX.Y:NNNN
on more than several hundred clients. I have written a script which allows
me to see, and open, and modify a remote client's local group policy settings
in a gpedit editing session on my local (XPSP2) machine. The group policy
that is written back to the client follows the .adm template on my local
machine and is (especially for the Win2K machines) incorrect, causing
truncation errors when you open gpedit locally on the machine that has been
remotely managed (the URL of the update server shows that it has been
properly changed when group policies are remotely viewed, regardless of the
errors when it accessed locally).
I am close to being able to modify this setting remotely from my desk,
and yet at the same time a long way from it (the final process must be bullet
proof across the client range of OS' (Win2K and XP). I can alter the
registry remotely, however, the next time that group policy updates, it would
rewrite the old values. I have two versions of the script that allows remote
manipulation, one in VBScript, the other a cmd file. Below are the three
line contents of the .cmd file
@echo off
set /p remote="Please enter the IP of the remote computer : "
c:\windows\system32\cmd.exe /c gpedit.msc /gpcomputer:"%remote%"
P.S.
I have tried filtering in my gpedit view so that only properties applicable
to Win2K show, but to no avail. I still get truncation errors when opening
the group policy on the local computer after a remote edit on the Win2K boxes.