associate GPO with domain machines only
- .bat file running in a computer startup script deployed by GPO.
.bat file contents:
reg.exe import \\server\share\somefile.reg
also tried:
regedit -s \\server\share\somefile.reg
.reg file deploys a serial # in HKLM\software.
this part of the registry should definitely be accessible pre-logon.
- it's certainly accessible and modifiable as a power user.
I need to import the .reg file on specific machines in a school. Must restrict this .reg key to certain machines.
I absolutely cannot get this script to run when associated with machines.
I even tried creating an .adm file based on these reg keys still won't apply when associated with machines.
I've ALWAYS had issues getting GPO's to apply when running in the scope of the machine.
I'm at a loss, can anyone help?
Josh Hamilton
Network Admin
School of Communication Arts
Raleigh NC
Answers
- Howdie!
So from your description, the computer startup script is the way to go.
You have created a Group Policy with that computer startup script and linked it to an OU? Are there machine accounts in that OU? Have you checked whether the policy gets applied on clients (gpresult.exe and rsop.msc)?
Cheers,
Florian
Microsoft MVP - Group Policy (http://www.frickelsoft.net/blog)- Marked As Answer byMiles ZhangMSFT, ModeratorMonday, July 20, 2009 12:58 AM
Hi,
Thanks for the post.
As Florian said, please check if the Group Policy with that computer startup script has been linked it to the appropriate OU and check if the Group Policy has been applied on the client machines with Gpresult.log
If it has been applied on the client machine, we infer that this issue is caused by the registry file itself.
Please be assured that we need to run gpupdate /force command on the client machines after applying the group policy on the server side.
For further troubleshooting, we need to collect the following two information:
Info 1: MPS Report
=================
Please collect the Setup&Performance version of MPSReport from the server.
a. Download the MPS Report Tool from the following link:
b. After the download is complete, double-click this " MPSRPT_SETUPPerf.EXE" file. Then a CAB file will be generated called %COMPUTERNAME%_MPSReports.CAB. For example, if your computer name is "MyComputer", this CAB file will be named "MyComputer_MPSReports.CAB".
c. Open My Computer, browse to the "%systemroot%\MPSReports\Setup\Logs\CAB" folder. You can find the CAB file above and please send it to me.
Info 2: Gpresult.log
=============
Please run the "gpresult /v >c:\gpresult.txt" command on the problematic client. Please send the gpresult.txt file to me.
Use Windows Live SkyDrive (http://www.skydrive.live.com/) to upload the file and then give me the download address.
I look forward to your reply.
- Marked As Answer byMiles ZhangMSFT, ModeratorMonday, July 20, 2009 12:58 AM
All Replies
- more info about my setup:
Windows 03 server standard SP1
Windows XP SP3 clients - Howdie!
So from your description, the computer startup script is the way to go.
You have created a Group Policy with that computer startup script and linked it to an OU? Are there machine accounts in that OU? Have you checked whether the policy gets applied on clients (gpresult.exe and rsop.msc)?
Cheers,
Florian
Microsoft MVP - Group Policy (http://www.frickelsoft.net/blog)- Marked As Answer byMiles ZhangMSFT, ModeratorMonday, July 20, 2009 12:58 AM
Hi,
Thanks for the post.
As Florian said, please check if the Group Policy with that computer startup script has been linked it to the appropriate OU and check if the Group Policy has been applied on the client machines with Gpresult.log
If it has been applied on the client machine, we infer that this issue is caused by the registry file itself.
Please be assured that we need to run gpupdate /force command on the client machines after applying the group policy on the server side.
For further troubleshooting, we need to collect the following two information:
Info 1: MPS Report
=================
Please collect the Setup&Performance version of MPSReport from the server.
a. Download the MPS Report Tool from the following link:
b. After the download is complete, double-click this " MPSRPT_SETUPPerf.EXE" file. Then a CAB file will be generated called %COMPUTERNAME%_MPSReports.CAB. For example, if your computer name is "MyComputer", this CAB file will be named "MyComputer_MPSReports.CAB".
c. Open My Computer, browse to the "%systemroot%\MPSReports\Setup\Logs\CAB" folder. You can find the CAB file above and please send it to me.
Info 2: Gpresult.log
=============
Please run the "gpresult /v >c:\gpresult.txt" command on the problematic client. Please send the gpresult.txt file to me.
Use Windows Live SkyDrive (http://www.skydrive.live.com/) to upload the file and then give me the download address.
I look forward to your reply.
- Marked As Answer byMiles ZhangMSFT, ModeratorMonday, July 20, 2009 12:58 AM
