Multiple logon scripts assigned with Active Directory


3

3D

Wondering if there's any way to assign more than one logon script to a
Domain User account based on group membership.

For example, if they're a member of Domain Users, they would get
logon.bat, and if they were also a member of TeamX, they would also get
moredrives.bat.

Does AD only allow one logon script to run?

Thanks!
 
R

Ryan Hanisco

There are two ways to do this:

1. Make your logon script detect what groups they are in and call other
batch files one at a time. You can find numerous examples of VBS or WSH
logon scripts that do this. Search in Google.

2. Assign the logon scripts by GPO and use policy filtering to determine who
gets which ones. You can have many scripts run that way.
 
Ad

Advertisements

H

Herb Martin

3D said:
Wondering if there's any way to assign more than one logon script to a
Domain User account based on group membership.

For example, if they're a member of Domain Users, they would get
logon.bat, and if they were also a member of TeamX, they would also get
moredrives.bat.

Does AD only allow one logon script to run?
Sure, every GPO can have one. So adding more GPOs
is the naive answer.

But it is really sort of unnecessary since one Logon
script can all as many as you wish (as long as they
finish in time.)

You can even code one logon script so that it checks
a known location and runs any or all scripts it finds
have "appeared" there.

If exist \\server\share\morescripts.cmd call \\server\share\morescripts.cmd

Of course you are probably better off using an environment
variable for the server, i.e., %logonserver% and you might
want to put them in SysVol (as the share so they get replicated.
 
B

Brian Higgins

personally I prefer to put my logon scripts either in the GPO object (under
the sysvol share) or in the netlogon share, depending on the purpose, and if
they are going to be used by more then one GPO or not. and then assign all
scripts applicable, in a single GPO, and create my GPOs as needed based on
the need for separate settings for user groups, and reusing the logon
scripts as much as possible to maintain simplicity in managing them as much
as one can do with multiple geographic locations...
 
Ad

Advertisements

C

Cary Shultz [A.D. MVP]

3D,

Take a look at Richard Mueller's web site at http://www.rlmueller.net and
look at the free scripts that he has. There are several logon scripts that
he has for the different operating systems. They are based on group
membership. They work really well.

There is also the kixtart possibility. There is also the 'ifmember'
possibility.

--
Cary W. Shultz
Roanoke, VA 24014
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top