Executing External Program using Group Policy in Active Directory

 

Scenario : While configuring the automated asset inventory I required a batch file to be executed during logon for every user in domain without any user intervention which will create a scheduled task in that system. So I landed up in configuring a group policy to execute the specified batch file.

So I have followed the following steps

  1. Open Active directory users and computer Snap-in
  2. Right on OU / Domain select properties

  1. Open The group policy tab

  1. Go in User configuration
  2. Select Administrative Tools – -> System – -> Logon – -> Run These Programs at User logons

 

  1. Double click Run These Programs at User logons
  2. Select Enabled radio button and click show button
  3. Now click on Add button and specify the network path of executable file

After the above steps I was able to execute the batch file on logon for user , but our motive to avoid user intervention was not getting fulfilled. Following is the screen shot which was coming on every desktop

.

The above screen was coming because default windows restricts the execution of external program which are getting deployed from group policy To get rid of it I followed the following steps

  1. Group Policy snap–in
  2. User configuration – -> Administrative Tools – -> Windows Component – -> Attachment Manager
  3. Double click on Inclusion list for low file types

  1. Click on Enabled radio button
  2. Type the extension name which you want to execute in our case it is .bat

 

 

After all the above steps the execution of batch file on logon for every user was without any user intervention… J

You may have a question that why I have not went for User profile à login script in User properties??? The issue for going such option is every time when we create new user we need to configure the login script manually for each user / new user. Moreover if we apply the above solution on OU or Domain level we need to worry for new users logins.

 

Thanks

Prashant Deshpande

 

 

 

Advertisements

1 Comment

Filed under Uncategorized

One response to “Executing External Program using Group Policy in Active Directory

  1. Hi there, after reading this amazing paragraph i am also cheerful to share
    my know-how here with friends.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s