Using GP, you can assign scripts to entire domains, organizational units, sites, and groups instead of repeatedly entering the same login script into multiple users' profiles. You can launch four types of scripts using a GPO: logon and logoff scripts, which apply to users, and startup and shutdown scripts, which apply to computers. Startup scripts are executed before logon scripts, and logoff scripts are executed before shutdown scripts.
You can write scripts in any number of languages. Windows Server 2008 is prepared to accept Jscript (.JS) and Visual Basic Scripting Edition (.VBS) files in addition to batch (.BAT), compiled command scripts (.COM), and application executables (.EXE). Scripts to be run through GP are stored on domain controllers in %SystemRoot%\SYSVOL\yourdomain.com\Policies\scripts, with yourdomain.com replaced with your fully qualified domain name.
You can assign startup and shutdown scripts in GP using the following procedure:
1. In the Group Policy Object Editor, navigate in the lefthand pane through Computer Configuration, Policies, Windows Settings, and Scripts (Startup/Shutdown).
2. In the righthand pane, click Startup and Shutdown to modify the scripts assigned to each.
You can assign logon and logoff scripts in GP using the following procedure:
1. In the Group Policy Object Editor, navigate in the lefthand pane through User Configuration, Policies, Windows Settings, and Scripts (Logon/Logoff).
2. In the righthand pane, click Logon and Logoff to modify the scripts assigned to each.
You can further define properties for these scripts under the Computer Configuration/Policies/Administrative Templates/System/Scripts and User Configuration/Administrative Templates/System/Scripts nodes in the Group Policy Object Editor. For users running scripts, you have the following options :
"Run legacy logon scripts hidden" tells Windows not to display the DOS window when using a .COM or .BAT logon or logoff script.
"Run logoff scripts visible" indicates whether the actions and results of the logoff script's execution should be displayed to the user.
"Run logon scripts synchronously" allows you to specify multiple scripts and have them run at the same time rather than in sequence as the default dictates.
"Run logon scripts visible" indicates whether the actions and results of the logon script's execution should be displayed to the user.
For computers running scripts, you can configure the following options:
"Allow logon scripts when NetBIOS or WINS is disabled" instructs Windows to either run or ignore logon scripts depending on where you have enabled the old legacy-compatible NetBIOS and WINS naming schemes.
"Maximum wait time for Group Policy scripts" sets a cutoff time for the execution of scripts specified in GP before Windows simply cuts them off and continues with the process at hand.
"Run shutdown scripts visible" indicates whether the actions and results of the shutdown script's execution should be displayed to the user.
"Run startup scripts asynchronously" allows to you to specify multiple scripts and have them run in sequence, rather than at the same time, as the default dictates.
"Run startup scripts visible" indicates whether the actions and results of the startup script's execution should be displayed to the user.
*.* Source of Information : O'Reilly Windows Server 2008: The Definitive Guide
No comments:
Post a Comment