Sign in
 
HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums
Windows Server TechCenter >
Updating Host File Through Group Policy

Unanswered Updating Host File Through Group Policy

  • Friday, November 23, 2012 11:26 PM
     
     
    Sign In to Vote
    0

    Hi how can I update the Host File for a computer through group policy?

    I cant use DNS because other departments will get affected as well. Is there any other way to enforce Host File Distribution from group policy to windows xp and seven?

    • Changed Type Sheen Lim Sunday, November 25, 2012 12:00 AM
    •  
     

All Replies

  • Saturday, November 24, 2012 1:43 PM
     
     
    Sign In to Vote
    0

    Group Policy Preferences "Files" can do that for you...

    Make sure you have installed http://support.microsoft.com/kb/943729 on your legacy OSes, then check http://technet.microsoft.com/en-us/library/cc771102.aspx

    NO THEY ARE NOT EVIL, if you know what you are doing: Good or bad GPOs?
    Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating!

    • Marked As Answer by Sheen Lim Sunday, November 25, 2012 12:03 AM
    • Unmarked As Answer by Sheen Lim Sunday, November 25, 2012 12:57 AM
    •  
     
  • Sunday, November 25, 2012 1:11 AM
     
     
    Sign In to Vote
    0

    I have tried your suggestion, it did not work.

    I have moved the computer accounts to the OU where this GPO is located but it does not change or replace the host file. Domain users are already have read only access to 10.200.1.20\netlogin\Cagayan\scripts\ directory.

    By the way I have applied this settings to a Computer Configuration in the GPO. I have already restart the PC for the changes to take effect. My client computers is a windows 7 professional.

     
  • Monday, November 26, 2012 8:13 AM
    Moderator
     
     
    Sign In to Vote
    0

    Hi,

    Would you please let me know whether all Windows 7 clients failed to apply the GPP setting? In order to narrow down the cause of the issue, please collect the following information to see if the setting has been applied to the client correctly.

    GPMC.log

    ==================

    a. On domain controller, click Start ->Run, type GPMC.MSC, it will load the GPMC console.

    b. Right click on "Group Policy Result" and choose wizard to generate a report for the problematic computer and user account (please place appropriately). (Choose computer and select the proper user in the wizard)

    c. Right click  the resulting group policy result and click the "Save Report…" => save report to save the report to a HTML file.

    In addition, we could also choose to update the Hosts file via Startup script. For example:

    @echo off

    xcopy /Y \\server\share\hosts c:\Windows\system32\drivers\etc\hosts

    If you encounter any difficulties when customizing the scripts, you may submit a new question in the script forum which is a best resource for scripting related issues.

    The Official Scripting Guys Forum!

    http://social.technet.microsoft.com/Forums/en/ITCG/threads

    Best Regards,

    Andy Qi

    Andy Qi
    TechNet Community Support

     
  • Monday, November 26, 2012 9:17 AM
     
     
    Sign In to Vote
    0

    Im getting an error. Result: Failure (Error Code: 0x80070005) for the GPO for the Host File

    Preferences
    Windows Settings
    Files
    File (Target Path: C:\Windows\System32\drivers\etc\hosts)
    The following settings have applied to this object. Within this category, settings nearest the top of the report are the prevailing settings when resolving conflicts.
    hosts
    Winning GPO CDOGPO C Host File
    Result: Failure (Error Code: 0x80070005)
    General
    Action Replace
    Properties
    Source file(s) \\10.200.1.20\netlogon\Cagayan\Scripts\hosts
    Destination file C:\Windows\System32\drivers\etc\hosts
    Suppress errors on individual file actions Disabled
    Attributes
    Read-only Disabled
    Hidden Disabled
    Archive Enabled
    Control Panel Settings
    Local Users and Groups
    User (Name: Administrator (built-in))
    The following settings have applied to this object. Within this category, settings nearest the top of the report are the prevailing settings when resolving conflicts.
    Administrator (built-in)
    Winning GPO CDOGPO C Host File
    Result: Success
    Local User
    Action Update
    Properties
    User name Administrator (built-in)
    User must change password at next logon True
    Account is disabled False
    Account expires Never
    Services
    Service (Name: AudioSrv)
    The following settings have applied to this object. Within this category, settings nearest the top of the report are the prevailing settings when resolving conflicts.
    AudioSrv
    Winning GPO CDOGPO C Baseline Services
    Result: Success
    General
    Service name AudioSrv
    Action Start service
    Startup type: Automatic
    Wait timeout if service is locked: 30 seconds
    Service Account
    Log on service as: No change
    Recovery
    First failure: No change
    Second failure: No change
    Subsequent failures: No change
    Service (Name: eventlog)
    The following settings have applied to this object. Within this category, settings nearest the top of the report are the prevailing settings when resolving conflicts.
    eventlog
    Winning GPO CDOGPO C Baseline Services
    Result: Success
    General
    Service name eventlog
    Action Start service
    Startup type: Automatic
    Wait timeout if service is locked: 30 seconds
    Service Account
    Log on service as: No change
    Recovery
    First failure: No change
    Second failure: No change
    Subsequent failures: No change
    Service (Name: wuauserv)
    The following settings have applied to this object. Within this category, settings nearest the top of the report are the prevailing settings when resolving conflicts.
    wuauserv
    Winning GPO CDOGPO C Baseline Services
    Result: Success
    General
    Service name wuauserv
    Action Start service
    Startup type: Automatic
    Wait timeout if service is locked: 30 seconds
    Service Account
    Log on service as: No change
    Recovery
    First failure: No change
    Second failure: No change
    Subsequent failures: No change
    Service (Name: FontCache3.0.0.0)
    The following settings have applied to this object. Within this category, settings nearest the top of the report are the prevailing settings when resolving conflicts.
    FontCache3.0.0.0
    Winning GPO CDOGPO C Baseline Services
    Result: Success
    General
    Service name FontCache3.0.0.0
    Action Stop service
    Startup type: Disabled
    Wait timeout if service is locked: 30 seconds
    Service Account
    Log on service as: No change
    Recovery
    First failure: No change
    Second failure: No change
    Subsequent failures: No change
    Service (Name: FontCache4.0.0.0)
    The following settings have applied to this object. Within this category, settings nearest the top of the report are the prevailing settings when resolving conflicts.
    FontCache4.0.0.0
    Winning GPO CDOGPO C Baseline Services
    Result: Failure (Error Code: 0x80070424)
    General
    Service name FontCache4.0.0.0
    Action Stop service
    Startup type: Disabled
    Wait timeout if service is locked: 30 seconds
    Service Account
    Log on service as: No change
    Recovery
    First failure: No change
    Second failure: No change
    Subsequent failures: No change
    Service (Name: BITS)
    The following settings have applied to this object. Within this category, settings nearest the top of the report are the prevailing settings when resolving conflicts.
    BITS
    Winning GPO CDOGPO C Baseline Services
    Result: Success
    General
    Service name BITS
    Action Start service
    Startup type: Automatic
    Wait timeout if service is locked: 30 seconds
    Service Account
    Log on service as: No change
    Recovery
    First failure: No change
    Second failure: No change
    Subsequent failures: No change
    User Configuration
    No data available.

    • Edited by Sheen Lim Monday, November 26, 2012 9:19 AM
    •  
     
  • Monday, November 26, 2012 9:33 AM
     
     
    Sign In to Vote
    0

    Hi,

    You can try using the below script as startup script. Keep the modified host file in netlogon folder and from there copy over to desktop.\

    ================================================================================

    on error resume next
    Const OverwriteExisting = True
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    set shell = WScript.CreateObject("WScript.Shell")
    windowsdir = shell.ExpandEnvironmentStrings("%windir%")
    objFSO.CopyFile "\\Domain.com\NETLOGON\Hosts" , windowsdir & "\system32\drivers\etc\", OverwriteExisting

    ==============================================================================================

     
  • Monday, November 26, 2012 12:12 PM
     
     
    Sign In to Vote
    0
     
    > Im getting an error. Result: Failure (Error Code: 0x80070005) for the
    > GPO for the Host File
    >
     
    Access denied... The computer account has no access to the source share
    or directory or file...
    regards, Martin
     
    NO THEY ARE NOT EVIL, if you know what you are doing: Good or bad GPOs?
    Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating!
     
  • Tuesday, November 27, 2012 9:55 AM
     
     
    Sign In to Vote
    0

    Hi im confirming that only my 64bit Windows 7 is experiencing this issue. 32bit windows 7 is already getting the host file.

    Is there an installer for windows 7 64bit for the Group Policy Client Extension Equivalent?

     
  • Tuesday, November 27, 2012 1:37 PM
     
     
    Sign In to Vote
    0
     
    > Hi im confirming that only my 64bit Windows 7 is experiencing this
    > issue. 32bit windows 7 is already getting the host file.
    >
     
    You are aware of System32 and Syswow64 on 64 bit windows?
     
    > Is there an installer for windows 7 64bit for the Group Policy Client
    > Extension Equivalent?
    >
     
    Thats not needed, Win7 has it built in already.
     
    NO THEY ARE NOT EVIL, if you know what you are doing: Good or bad GPOs?
    Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating!
     
  • Wednesday, November 28, 2012 6:47 AM
     
     
    Sign In to Vote
    0
    You mean that IE64 andIE32 in Win7 is referring to another file? My server is windows server 2008 r2
     
  • Wednesday, November 28, 2012 1:15 PM
     
     
    Sign In to Vote
    0
     
    > You mean that IE64 andIE32 in Win7 is referring to another file? My
    > server is windows server 2008 r2
     
    According to
    the etc directory is an exception to this redirection. So both IE32 and
    IE64 will see %systemroot%\system32\drivers\etc and NOT syswow64.
     
    regards, Martin
     
    NO THEY ARE NOT EVIL, if you know what you are doing: Good or bad GPOs?
    Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating!
     
  • Saturday, December 01, 2012 10:59 PM
     
     
    Sign In to Vote
    0
    But im still getting error on x64 systems
     
  • Tuesday, December 04, 2012 9:41 PM
     
     
    Sign In to Vote
    0
    Am 01.12.2012 23:59, schrieb Sheen Lim:
    > But im still getting error on x64 systems
     
    Great. And WHAT error?
     
    Are we still talking abouit this one?
     > Im getting an error. Result: Failure (Error Code: 0x80070005) for the
     > GPO for the Host File
     >
    Access denied... The computer account has no access to the source share
    or directory or file...
     
    NO THEY ARE NOT EVIL, if you know what you are doing: Good or bad GPOs?
    Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating!
     
  • Wednesday, December 05, 2012 5:18 AM
     
     
    Sign In to Vote
    0
    If the computer account has no access to the shared folder, why is our 32bit os able to inherit, apply GPO and replace the the host file?
     
  • Wednesday, December 05, 2012 12:58 PM
     
     
    Sign In to Vote
    0
    > If the computer account has no access to the shared folder, why is our 32bit os able to inherit, apply GPO and replace the the host file?
     
    Hm, finally I got curious and did a repro on your task ;-)
     
    For me, it worked only after I created 2 items. One that deletes an existing hosts file and a second one that copies the new hosts file. Don't know why, but anyway. It worked on both Win7 32bit and Win8 64bit, so it's assumed to work also on Win7 64bit. Here's the xml for your reference:
     
    Element 1 - delete existing file:
     
    <?xml version="1.0" encoding="UTF-8"?>
    <File uid="{E995D84F-0093-450A-BE3A-A82AC6366EA9}" changed="2012-12-05 12:39:09" bypassErrors="1" image="3" status="hosts" name="hosts" clsid="{50BE44C8-567A-4ed1-B1D0-9234FE1F38AF}">
    <Properties suppress="1" hidden="0" archive="1" readOnly="0" targetPath="%SystemDir%\drivers\etc\hosts" action="D"/></File>
     
    Element 1 - copy new file:
     
    <?xml version="1.0" encoding="UTF-8"?>
    <File uid="{3C1F6DD4-5FF7-4713-9376-4CFFF088F60F}" changed="2012-12-05 12:39:21" image="2" status="hosts" name="hosts" clsid="{50BE44C8-567A-4ed1-B1D0-9234FE1F38AF}">
    <Properties suppress="1" hidden="0" archive="1" readOnly="0" targetPath="%SystemDir%\drivers\etc\hosts" fromPath="\\%DomainName%\netlogon\hosts" action="U"/></File>
     
    You might notice that I've chosen to put variables in all available paths and that my new hosts file resides on the netlogon share. Everyone has access to this share.
     
    regards, Martin
     
     
    NO THEY ARE NOT EVIL, if you know what you are doing: Good or bad GPOs?
    Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating!