none
GPO to update host file RRS feed

  • Question

  • How can I make use of the GPO to update the drvers\etc\hosts file of my domain users ?

    Can it be done ?

     

    Wednesday, July 20, 2011 8:40 AM

Answers

  • I agree with everyone else here that you should use DNS instead of host file.

    But if you want to use the host file as a blacklist, do the following :

    - Open a host file on a computer and write down the changes you want on it.

    - Save it then on a server share.

    - Use GPP Files to push it to your computers (at Computer configuration level).

    Deal is done.


    " Never panic before reboot ! "
    Friday, July 22, 2011 10:34 PM
  • Hi,

     A script to edit the file can be complex as you need to read each line and perform required edits using string parsing (you can search the web for many vbscript examples). Specifics would depend on what you're trying to do.

     

    Add a new entry is quite simple, using this batch file command

    echo 1.2.3.4 hostname.domain.com >> %windir%\system32\drivers\etc\hosts

     

    As others mentioned, using DNS to manage name resolution is typically much simpler than trying to manage hosts files. 

     

    Thanks,

    Guy

    Friday, July 22, 2011 10:11 PM
  • Host file has limited functions so better you user DNS. There us not any GP that can handle HOST File.
    Regards Suman B. Singh
    Friday, July 22, 2011 1:38 PM

All replies

  • Hi,

     There is no direct way to edit the hosts file with GPOs. You can use group policy preferences to copy over a new hosts file or use a script to edit the existing one and then execute the script using a GPO.

     

    Thanks,

    Guy

    Wednesday, July 20, 2011 4:20 PM
  • Are you having a challange by using DNS?  Can you elaborate on the why you are leveraging the use of the HOSTS file?  Maybe we can provide some additional recommendations with regard to name resolution.
    anITKB Visit anITKB.com, an IT Knowledge Base.
    facebook Follow me on Facebook.
    Wednesday, July 20, 2011 7:34 PM
  • how do i edit the existing host file using script ??

    Thursday, July 21, 2011 12:40 AM
  • Host file has limited functions so better you user DNS. There us not any GP that can handle HOST File.
    Regards Suman B. Singh
    Friday, July 22, 2011 1:38 PM
  • Hi,

     A script to edit the file can be complex as you need to read each line and perform required edits using string parsing (you can search the web for many vbscript examples). Specifics would depend on what you're trying to do.

     

    Add a new entry is quite simple, using this batch file command

    echo 1.2.3.4 hostname.domain.com >> %windir%\system32\drivers\etc\hosts

     

    As others mentioned, using DNS to manage name resolution is typically much simpler than trying to manage hosts files. 

     

    Thanks,

    Guy

    Friday, July 22, 2011 10:11 PM
  • I agree with everyone else here that you should use DNS instead of host file.

    But if you want to use the host file as a blacklist, do the following :

    - Open a host file on a computer and write down the changes you want on it.

    - Save it then on a server share.

    - Use GPP Files to push it to your computers (at Computer configuration level).

    Deal is done.


    " Never panic before reboot ! "
    Friday, July 22, 2011 10:34 PM
  • i tried using the share file method

    but it dont seems to work.

    when i run GPO query results it says GPO denied because empty.

    Monday, August 8, 2011 10:29 AM
  • Am 08.08.2011 12:29, schrieb yeowkm:

    it says GPO denied because empty

    Wrong GPO for the wrong target.
    computerconfiguration only applies to computer
    userconfiguration applies only to user

    if you try to apply computerconfiguration to a user, the user  will be
    effected by the GPO, but can not "apply" it, because the user part is
    "empty".

    Mark


    Mark Heitbrink - MVP Windows Server - Group Policy

    Homepage:       www.gruppenrichtlinien.de - deutsch
    GPO Tool:       www.reg2xml.com - Registry Export File Converter
    NetworkTrayTool www.gruppenrichtlinien.de/tools/Networktraytool.htm

    Monday, August 8, 2011 10:41 AM
  • what is GPP files ??
    Monday, August 8, 2011 12:06 PM
  • Am 08.08.2011 14:06, schrieb yeowkm:

    what is GPP files ??

    Open your eyes and think about it 5 secounds more ...

    .
    1
    .
    2
    .
    3
    .
    4
    .
    5
    .

    WHERE! did you configure it?


    Mark Heitbrink - MVP Windows Server - Group Policy

    Homepage:       www.gruppenrichtlinien.de - deutsch
    GPO Tool:       www.reg2xml.com - Registry Export File Converter
    NetworkTrayTool www.gruppenrichtlinien.de/tools/Networktraytool.htm

    Monday, August 8, 2011 1:00 PM
  • Am 08.08.2011 14:06, schrieb yeowkm:

    what is GPP files ??

    Open your eyes and think about it 5 secounds more ...

    .
    1
    .
    2
    .
    3
    .
    4
    .
    5
    .

    WHERE! did you configure it?


    Mark Heitbrink - MVP Windows Server - Group Policy

    Homepage:       www.gruppenrichtlinien.de - deutsch
    GPO Tool:       www.reg2xml.com - Registry Export File Converter
    NetworkTrayTool www.gruppenrichtlinien.de/tools/Networktraytool.htm

    Wow. What an arrogant and pointless response. You could have used far fewer words to do something radical, like maybe actually answer the question.

    (It took me longer than 5 seconds to figure out that what was meant was (probably) group policy preferences>files, which is relatively new to GPO's and many people, who don't work with GPO often, may not be familiar with.)

    Thursday, December 1, 2011 9:42 PM
  •  

    Are you still looking at how to update the hosts file using a GPO.  I have the same issue, I have an application that is OLD and hard coded to check only the Hosts file.  It is correct that you cannot directly modify the Hosts file using the GPO but you can do the following:

    You can call a VBS Script from your GPO or add this code to your login script

    1st thing to do is create a base Host file IP address and server name:  Example:

    192.168.80.50              RGG

    Now Save the hosts file...

    Now openup a .txt file using note pad:

    Copy and paste this code below into your file:((NOTE: the path to the Hosts file in this code is for Windows 7, so please make your adjustments))

     

    ' CODE START The 14 lines listed below will Change the IP Address in the Windows 7 Host File for the RGG Server
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    Set objFile = objFSO.OpenTextFile("c:\windows\system32\drivers\etc\hosts", ForReading)

    strtext = objFile.ReadAll
    objFile.Close
    'Here is the line you modify, the first IP address is the fake IP address your just added to the Hosts file

    'The Second IP address is the address you want to use for your server 192.168.183.254  MYSERVER

    strnewtext = Replace(strtext, "192.168.80.50  RGG", "192.168.183.254  MYSERVER")
    'This IP Address listed above is set to the KSC RGS server on the master image, the above line changes the hosts file
    'to the new RGS server IP address to allow Tagit to work
    Set objFile = objFSO.OpenTextFile("c:\windows\system32\drivers\etc\hosts", ForWriting)
    objFile.WriteLine strnewtext
    objFile.Close

    Set f=fso.OpenTextFile("c:\windows\system32\drivers\etc\hosts",ForAppending,True)

    ' CODE END

     

    Save the Text file as a .vbs file and give it a try..  Hope this helps you.

     

     

     

     

     

    Monday, February 6, 2012 7:10 PM
  • I know this thread is old but there is an excellent script on www.codeproject.com/Articles/11354/VBScript-for-reading-and-writing-to-the-Windows-ho that provides an extensive set of functions to edit a host file using VBScript.

    DOS Vader

    Monday, February 27, 2012 11:55 PM
  • Agree Michael!  Mark is Arrogant.


    Dream On Alice, This Ain't Wonderland

    Thursday, September 12, 2013 8:20 AM
  • Hello, I know this post is old but it can be done via Computer GPO.

    1. Put your desired hosts file \\ServerName\ShareName with everyone read access.
    2. Just create ChangeHosts.bat batch file with the following 2 lines:
    ren c:\windows\system32\drivers\etc\hosts C:\windows\system32\drivers\etc\hosts_original
    copy \\ServerName\ShareName\Hosts c:\windows\system32\drivers\etc\ /Y

    Create Computer GPO with start up script (Computer Start up GPO is better than User login script as the users will NOT need Administrative privileges)

    Reboot the computer - the desired hosts file should be working after Computer GPO executes.

    If you have to revert back to Original - use batch file "Reverthosts.bat" with following contents

    del c:\windows\system32\drivers\etc\hosts
    ren  C:\windows\system32\drivers\etc\hosts_original c:\windows\system32\drivers\etc\hosts

    Marcina

    Tuesday, November 26, 2013 7:54 PM
  • Ummmm...you are not a very mature individual.
    Saturday, November 8, 2014 11:40 AM
  • Plenty of reasons to edit hosts file instead of / as well as DNS, and this answer is excellent.

    Thanks

    In reply to Vuldar:

    I agree with everyone else here that you should use DNS instead of host file.

    But if you want to use the host file as a blacklist, do the following :

    - Open a host file on a computer and write down the changes you want on it.

    - Save it then on a server share.

    - Use GPP Files to push it to your computers (at Computer configuration level).

    Deal is done.


    " Never panic before reboot ! "


    • Edited by BowWeasel Wednesday, January 7, 2015 5:27 PM
    Wednesday, January 7, 2015 4:21 PM
  • Good in a normal Environment. Needed if you have a TEST DC on the PROD network. Don't want DNS running, and host file is a good option if you want out ;)
    Tuesday, March 22, 2016 12:00 PM
  • The reason I'm looking to use the hosts file instead of DNS is that I want to create a black list ONLY for certain users. If I were to do it in DNS then it would apply to everyone whereas using hosts files on the specific organizational units allows me to have black lists for specific organizational units. 
    Wednesday, June 29, 2016 4:24 PM
  • Actually you can use GP in Computer Configuration>Preferences>Windows Settings>Files 

    Add a file target to replace the local hosts.txt file with one you have on a network share. 

    Monday, May 8, 2017 4:35 PM
  • I know this is a pretty old post which has recently been resurrected, but to clarify, although it most certainly is better to use DNS, in manufacturing some vendors require the use of GPOs.  I have to maintain GPOs for a large number of machines even though we have fully functioning DNS.
    Friday, November 10, 2017 3:36 PM
  • Thanks for this, it worked. For some exceptional cases we needed this and it helped super.

    Anil Suthar

    Tuesday, October 22, 2019 2:25 AM