Information Technology Services (ITS)
University of Memphis Photo
How to Setup a GPO to Run Logon Scripts Related Topics

Active Directory Support

How to setup a GPO to run Logon Scripts

Prior to creating the Logon Script GPO, you must create the actual script file that will be run when your users log into Active Directory. This file can be placed on any server in AD that your users have access to.

Once the file is created, you need to make sure that your users have permissions to execute the script. It is suggested that you create a scripts$ share that points to the directory where the logon script is located and grant permission to the share instead of using file/directory permissions. You can do this via group membership, or you can give "Authenticated Users" read/execute permission to share$ where your login script is stored.

  1. Once the script has been created and the share configured, open Active Directory Users and Computers
  2. Right click the appropriate OU and select Properties
  3. Click the Group Policy tab.
  4. Click the New button and name your GPO according to the required naming standards <OU_Name-Sub_OU_Name-GPO>.
  5. Click the Edit button.
  6. In the group policy editor, open the following folder: Computer Configuration\Administrative Templates\System\Logon. In the right hand window, double click on Run these programs at user logon
  7. Select the Enable option and then click Show.
  8. In the Show Contents dialog box, click Add. In the Add Item dialog box, type in the path to your logon script using the format \\servername\sharename\filename.
  9. Click OK.
  10. Verify that the path is correct and click OK.
  11. Click OK.
  12. Close the Group Policy Object Editor window.
  13. At the OU GPO Properties page, click OK.

Now, anytime a user logs into a computer that is a member of your OU, they will run this logon script if they also have permissions to the location where the script resides.

Benefits

FAQs

AD Presentation by Jeremy Dennis

Learning Events

The material below originates from the training given by ExecuTrain to the LSP support community:

Project

Active Directory Rollout 2006
Click to enlarge

Text Only | Print | Got a Question? Ask TOM | Contact Us | Memphis, TN 38152 | 901/678-2000 | Copyright 2014 University of Memphis | Important Notice | Last Updated: 
Information Technology Services | 100 Administration Bldg. | Phone: 901.678.8888 | Email: UMTech@memphis.edu
Last Updated: 3/25/14