Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
N1k1nv2019-05-21 08:58:15
Group Policies
N1k1nv, 2019-05-21 08:58:15

How to properly create a Server 2012 R2 Group Policy?

Welcome all!
Task: create a group policy that runs a specific .exe file with specific keys and distribute it to all PCs.
How I do it: I open "Group Policy Management" on the domain controller, open Forest -> Domains -> My domain name -> and there I do "Create a GPO in this domain and link it", "Authenticated" security filters are automatically set , i.e. this, as I understand it, is all domain users who are authorized when logging into Windows. Next, I open the policy itself and set all the settings, specify the network path to the .exe file, launch options, etc. I noticed an important point: if you specify in "general" - "Run only for registered user", and below - admin account, then the policy is created and distributed to the PC, but I need it to be executed "Perform all dependencies on user registration", those. as I understand it, this is when the admin is not logged in, then the policy will be executed on his behalf? If yes, then I need it that way, only in this case the policy is not applied and errors constantly fly in the log:
"Computer preference item 'Start_GPO' in GPOtest 'GPOtest {46A131D0-0FA5-4907-8E7B-A40B10C820C2}' was not applied due to error code '0x80070005 Access denied.' This bug has been disabled.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
2
20ivs, 2019-05-21
@20ivs

I specify the network path to the .exe

Do the users that the policy applies to have access to this directory?

Report
V
Viktor, 2019-05-21
@necroic

Next, open the policy itself and set all the settings

Are you configuring the settings in the User or Computer section of the policy?
In the first case, it will work only when logging in, since in the user context, in the second case, you can configure it to start at computer startup, it will be executed on behalf of the system.
And, of course, you need access to the directory, as described above.
If you have a domain, you can put it in the \\domain name\netlogon folder, from there everyone can read

Similar questions
O
oskey_one2018-08-16 12:54:10
Distribution of rights to home (personal network) folders of users through GPO? 1Reply
A
AntohaRomaha2016-04-27 09:00:46
How to require LOGIN and PASSWORD each time when connecting via RDP to Windows Server 2008 R2 using WinServ? 2Reply
N
nstadnik2020-09-05 13:29:16
How to apply certain group policies only to new computers/users? 1Reply
N
Nizitka2016-05-31 13:23:52
Why is the documents folder created with the name Documents-test? 1Reply
A
Aborigen10202018-11-29 09:24:27
How to manage scheduled tasks with GP? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question