General discussion


GPO logon script

By Shirokit ·
Hi everyone I?m new and certain I?m gonna use this site alot. I have been transferred to a new job from PC tech to basically domain admin.

Ok now the problem I have is I have to uninstall unlicensed applications from hundreds of users and to manually do this would take the better part of the year. There is a login script running on the domain that can not be changed so the only thing I can think of is adding a login script to a GPO and then linking those users to that GPO but the GPO doesn?t seem to apply. Ill post the steps I did below.

First thing I did was create a OU unit under Managed OU named Software removal login.
Under the Software removal login I created a Global Security group named Unlicensed app users and added the users to that group.

I then opened GPMC.MSC and browsed down to the managed group and right clicked software removal login OU and selected create and link a GPO here

I named the GPO Adobe and then right clicked it and selected Edit. I set the user logon script and closed the GPO window

Then I clicked on the GPO link under Software removal Login OU.
Under scope I removed authenticated users from the Security filter and added the Unlicensed app users group.
Under Details tab I changed GPO status to Computer Configuration settings disabled

Now for some reason the GPO does not seem to apply to those users.

I ran GPUPDATE /force on a pc and it asked to restart the pc so I did. After restart I logged in using one of those user accounts that also has admin rights on the test pc. The script did not run. At first I thought that it might be the script but after I right clicked Group Policy Results and ran Group Policy results Wizard I discovered that the GPO is not applying to the users in the Unlicensed app users group. All the other GPOs is under the domain object in GPMC and those seem to be the only policies that apply. None of those policies has the enforced option checked.
Now due to the company policy I can not place this GPO at the domain LVL and it has to be under its own OU under the Managed OU. The user accouns and computer accounts can not be moved from thier OU

Is there something I missed some ware or something I did wrong some ware like linking the GPO or perhaps in AD?
Any help will be appreciated as there is new software that needs to be uninstalled on different users coming in on a daily basis from the audit team.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums