Search Results

Search found 31355 results on 1255 pages for 'google group'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 286/1255 | < Previous Page | 282 283 284 285 286 287 288 289 290 291 292 293  | Next Page >

  • deploying AV via GPO only to workstations

    - by jeremy
    We have a small (100 machines) Windows domain running Server 2008R2. We use Symantec Endpoint Protection 12.1 I want to have GPO deploy the AV software to client machines automatically, but only to client workstations, not to servers, which run a different software. I've set it up before using a GPO linked to the domain mycompany.local and it works, but it deploys the AV software to ALL machines on the domain, including my servers. I can create an OU in active directory for Servers, and perhaps create one for client machines too, but I'd rather not have to go and move new domain members from the default under Computers into a different folder. How can I use GPO to deploy this AV software only to workstations on our network, and not to servers?

    Read the article

  • Logon script does not run for all users

    - by Herohtar
    We have a standalone common-use workstation running Windows XP Pro SP3 and have created a script using Javascript (scriptname.js) that is to be run for each user. The file was added as a user logon script via gpedit.msc and tested using a newly created user account as well as an existing user account. The script ran and functioned as intended on both accounts; however, a few existing users have informed us that the script is not running on their accounts. All user accounts are members of the same groups and have identical permissions. We already have an existing script (but in this case, a batch file) that is applied in the same manner and it runs for all accounts without any problems. Furthermore, on the accounts where the new script does not run during logon, it can still be run manually and works fine. So the question is: what would cause this script to not run during logon on certain accounts? Thanks!

    Read the article

  • domain user disabling screensaver

    - by RASG
    I have the following situation: Due to security reasons the screensaver is activated after 10 minutes, and immediately locks the screen. There are GPOs preventing the user from changing the screensaver parameters and the background image. In order to bypass the background policy, some users are using bginfo The problem is that for some reason now the screensaver doesn't work anymore. The settings are still the same (10 minutes; locked to the user) and comparing snapshots of the registry before and after executing bginfo doesn't show any significant modification. Any hints? EDIT 1: Ok, i figured whats going on, but now i have another question. bginfo refreshes the user settings by reading HKEY_CURRENT_USER\Control Panel\Desktop, which has ScreenSaveActive. If the user set it to 0, disables the screensaver. Why isnt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop, which sets ScreenSaveActive to 1, being enforced? or if it is being enforced, where is bginfo storing the value 0, and how can it bypass the policy? EDIT 2: I also discovered that after setting any value to HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveActive, it can be deleted and the last value will remain active. For some reason HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaveActive value is not being enforced to the user.

    Read the article

  • Deleted printers keeps coming back - and multiply

    - by MojoDK
    My users are on 2012 R2 RDS Session Host servers. I've used "Deploy Printers" (from Print Manager) to deploy 4 printers. The last week, I've had a lot of problems where users can't print. If I deleted the printer and added it again, they could print just fine. Now I've removed all printer deploying from GPO - and I have no printers in any login scripts. I did a gpupdate /force, but all the 4 printers are now listed 3 times... If I delete the printers and log off and back on, all the printers are popping up again. Sigh! This is driving me nuts. This script doesn't show any of the "SVFREJA" printers... Set objWMIService = GetObject("winmgmts:\\.\root\cimv2") Set colPrinters = objWMIService.ExecQuery ("Select * From Win32_Printer") If colPrinters.Count <> 0 Then 'If there are some network printers Dim s s = "" For Each objPrinterInstalled In colPrinters ' For each network printer s = s + objPrinterInstalled.Name + chr(13) Next msgbox s End if It gives me this result... (sry for the big picture) My problem is not with the "redirected" printers, my problem is that I have several printers with the same name (on SVFREJA) and I can't get rid of them. Any idea why I can't get rid of the "ophaned" printers??

    Read the article

  • Deploying Office 2013 via GPO

    - by NickC
    Looking at potential ways to deploy Office 2013 via GPO. First and most obvious way is to run a startup script which calls the Office 2013 setup.exe. Problem here is what happens after it is installed, will that startup script keep re-installing the product every time the machine boots? Another potential way is to install each Office component separately using the multitude of .msi files which are present, would that work and provide the same thing as a full install of Office? There is actually twenty three separate .msi files. What about officemui.msi is that a wrapper which contains calls to all of the other office components.

    Read the article

  • GPO startup script not copying files

    - by marcwenger
    I created a GPO startup script to execute for computers in a specific AD container. The script takes a file from the AD netlogon share and places it on a directory on the computer. Given the right permissions (ie: myself) can execute the script just fine and the file copies. But it doesn't work on startup - the file does not copy over from the AD server. The startup script should run as localsystem (am I right?). So the question is why do the files not copy on startup? Could it be because of: Is it permissions of the local system user? Reading the registry is problematic on startup? Obtaining files from the AD netlogon folder is problematic on startup? Am I missing it completely? My test machine does have the registry key and local directories as described in the script. I myself have standard user permissions on the test machine. AD server is Windows 2008, test client is Windows XP SP3 (and soon to be Windows 7, which I assume permissions issues will be inevitable) Dim wShell, fso, oraHome, tnsHome, key, srcDir Set wShell = WScript.CreateObject("WScript.Shell") Set fso = CreateObject("Scripting.FileSystemObject") key = "HKLM\Software\Oracle\Oracle_Home" On Error Resume Next orahome = wShell.RegRead(key) If err.Number = 0 Then tnsHome = oraHome + "\" + "network\admin\" srcDir = wShell.ExpandEnvironmentStrings("%logonserver%") + "\netlogon\UpdatedFiles\" fso.CopyFile srcDir + "file1.ext", tnsHome, true End If Side note: To ensure that the script is properly deployed, I purposely put some errors in the script, and on the next startup the error message appeared. So I know the GPO is deployed properly.

    Read the article

  • Users are getting a temporary profile

    - by Serhiy
    A bit about current setup: It is windows 2008 R2 AD servers (all of them are 2008R2) and couple locations which set as Sites. Each location has DFS on AD server. Roaming profiles are not used nor configured. Users have their home folder configured as mapped S: drive to DFS shared folder. For example: in profile tab user has: Home Folder - connect - S: to \\domain.com\dc\users\%username% We also have redirected Desktop, Documents and Downloads folders to \\domain.com\dc\users. Everything was fine. Suddenly (today), users in most locations lost their local profile (both XP and W7 desktops) and got temporary profiles. Also, it looks like local profile was created today (from folder properties). I checked events at couple machines and there is not errors related to profiles or logon process. I do not see issues in event logs at servers as well. Basically, I run out of ideas what is wrong and why machines lost their local profiles. PS: Laptop users do not have their folders redirected, but lost profiles as well.

    Read the article

  • Behaviour of disabling "Allow non-administrators to receive notifications" GPO

    - by Jaymz
    Hi everyone, As the title suggests, I'm trying to figure out the specific behaviour of the following GPO when disabled: Administrative Templates Windows Components Allow non-administrators to receive update notifications We've just started using WSUS, and have added a few machines for testing. At the moment, this is set to Enabled. The problem with this setting is it seems to allow users to opt out of certain updates if they deselect the checkbox after hitting custom install. My main concern with disabling this setting is this: Does it stop non-admins from getting the installs deployed to them? My guess would be that it will just install them silently at the set scheduled time, suppressing any prompts and ensuring they don't get the opportunity to cancel them (this is what I want). My worry is that non-admin users will never get updates pushed to them unless an admin goes and logs on to their machine (not what I want, and seems like a silly situation to be in). Thanks in advance, Jaymz.

    Read the article

  • Is it possible, via GPO or other method, to turn Internet Explorer's intranet compatibility mode OFF across a domain?

    - by dunc
    Our school's VLE has a few problems when running in IE8/IE9's Compatibility View. Mainly it causes difficulties with uploading files. This problem is easily remedied by un-ticking the Display intranet sites in Compatibility View option from Internet Explorer's Compatibility View options. However, I'm unable to find a way of doing this en masse. I can't find anything regarding this in GPO - would a registry hack or similar do the trick? Thanks in advance,

    Read the article

  • Temporary user-profiles on Windows Server 2008 TS

    - by sinni800
    Hello, for a publicly accessible terminal server I have created a user profile which only allows running of a few programs (demonstration of applications). This results in many people connecting to the same user name on the server, essentially sharing the same profile. How can I copy the original, empty profile on every logon to a seperate directory and delete it afterwards, so everybody starts with a clean copy of the "Guest"-Account?

    Read the article

  • Windows 7 blocks network access to network-installed apps

    - by VokinLoksar
    Windows 2008 R2 domain. Users, running Windows 7 Enterprise, are trying to run some software from a network share. Specifically, I've tested this with MATLAB and PuTTY. When starting, MATLAB has to contact a licensing server to get its license. This action fails for regular users when they start MATLAB from the network share. However, if they copy the installation directory to a local disk everything works fine. Running MATLAB as an admin user from the network share also works. Same story with PuTTY. If the executable is launched from the share, regular users cannot connect to any servers. Something is blocking network communications for programs that are launched from a network drive. Here's the only other mention I could find of the same problem: https://social.technet.microsoft.com/Forums/en-US/w7itpronetworking/thread/4504b192-0bc0-4402-8e00-a936ea7e6dff It's not the Windows firewall or the IE security settings. Does anyone have any clue as to what this is?

    Read the article

  • task scheduler - run interactively as any user with admin credentials

    - by Force Flow
    I'm trying to deploy a scheduled task with a GPO. The task is set to run at login and executes a batch file, which then executes an EXE file. However, I also need it to be interactive and run with admin privledges to bypass the UAC prompt for a username and password when the exe file runs. I created the task for "Vista and later". I've tried running the task as mydoman\administrator and as NT AUTHORITY\Authenticated users with "run only when user is logged in" and "run with highest privledges" selected. If I log in as anyone but administrator, the task does run in the background, as I can see the cmd.exe process running in task manager as mydomain\administrator. Only if I log in as administrator do I then see the cmd window with the batch script running. How can I get the cmd window to display no matter which user logs in?

    Read the article

  • how to change the default open-with program to a program on the second disk

    - by Scott????
    I have a 250GB HDD for my system and a 60GB SSD using a SATA port. I installed most of my applications on the SSD. There's a strange thing though. I can not change the default open-with program to a program which is on the SSD. I think it may be caused by permission so I gave my user a 'full control' permission on the security tab in disk properties. But changing permissions is not work. After I choose an application (I've tried Notepad++, Sublime, 7Zip, etc.), nothing is added in the below window: Also, if I install 7Zip on my machine, the right click menu items can not be added.

    Read the article

  • Security Restrictions Downloading From the Internet

    - by Cyper
    Hi, For some reason since we rolled out IE7 to the estate users are unable to download from the Internet, they get an error message "the operation could not be completed due to restrictions on the computer" I have checked the GPO and it allows downloads in the Default domain policy. I am I missing something in GPO or is this problem with IE7. Any help would be much appreciated. Cheers

    Read the article

  • GPO Startup Script can't modify HKU Registry?

    - by pepoluan
    I've been scratching my head with my current problem. You see, I have this Startup Script that I pushed via GPO. Problem is, although the script starts alright (I see the event it created when starting in the event log), it always fails when trying to enumerate and/or modify registry settings under HKU. If I login as administrator and execute the script manually, it works! If I startup a Command Prompt as SYSTEM (using the "at" workaround) and execute the script manually, it also works! If I reboot... the script always fails. Can anyone shed a light on my problem? Additional information: This script injects some registry values for the Local Administrator (i.e., S-1-5-21-etc etc etc-500), so I'm not sure that it's doable via GPP, not to mention that since nearly all the workstations in my domain are still using XP, so no guarantee of GPP support.

    Read the article

  • How to stop domain users from installing any software?

    - by Chris
    Hi everyone, I was wondering which policies, etc I could setup to stop any installations from occurring in a server 2003 domain environment? I have 2003 RC2 and XP Pro clients. I guess the quick easy way is to make everyone guests, but this also blocks them from other things that they might need to do/access. I've seen a lot of ideas but they do not fully block everything. I know there probably isn't a fix all but would like to get as close as possible. Thank you all,

    Read the article

  • User permission settings on DNS with windows 2003 server R2 standard edition

    - by Ghost Answer
    I have windows server 2003 r2 standard edition and some XP OS clients systems. I have created the DNS and profiles for all user. Now I want to authorized some users to installation of softwares, remove softwares and other such kind of things. How to I make such kind of policies for all different users on DNS. Please help me. May be this question can be same for another but I didn't get the solutions.

    Read the article

  • Deleting sender from Outlook Safe Senders using GPO?

    - by Hutch
    We're having an external company do a mailshot to our users. The message contains images that are linked rather than embedded in the image (bandwidth isn't an issue). So of course on recent versions of Outlook you're prompted to download the images, not the end of the world, but it would be nice if that didn't happen. There's a bug in the Office/Outlook ADM/ADMX templates that means that a custom list of Safe Senders won't import unless you follow this: http://support.microsoft.com/kb/2252421 Thing is, if I remove an entry from the Safe Senders file, it doesn't seem to remove it from Outlook, which seems odd?

    Read the article

  • Can a GPO Startup Script starts a background process and exit immediately?

    - by pepoluan
    I have Googled, and not yet found an answer. Scenario: One of my GPOs have a Startup Script that takes a long time to finish. For some reasons, we have to run the scripts synchronously. Naturally, this causes slow startup time (sometimes as long as 15 minutes!) before the Logon screen appears. After profiling and analyzing the perpetrator script, I conclusively determined that the step where it's taking a long time to finish will not affect the result of the succesive GPOs. In other words, that particular step (and all steps afterwards) can run in the background. My Question: Is it possible for the Startup Script to just 'trigger' another script/program that will run to completion even when the Startup Script exits? That is, the "child processes" of the Startup Script continues to live even when the Startup Script's process ends? Additional Info: The Domain Controllers are 2008 and 2008 R2's. The workstations are Windows XP.

    Read the article

  • Windows AD: Is loopback processing absolutely necessary in order to apply a user policy to users logging into computers in the OU?

    - by Brett
    I've had our AD setup running on server 2008r2 and now 2012, and I swear, a user policy applied to an OU containing only computers actually does apply to users logging into those computers, without loopback processing enabled. Everything I read seems to say that is not how it should work, but it does. Is this normal behavior? Just tested again - created a policy with a drive map (which is a user policy), applied it to an OU containing my terminal server, forced a gpupdate, logged out/in, and sure enough, the drive is mapped. I did NOT turn on loopback processing.

    Read the article

  • Google Cloud DNS and DNSSEC?

    - by Joe Burnett
    Since Google Cloud DNS does not currently support the record types for DNSSEC, is there any way to begin implementation of DNSSEC using TXT records? If I were using Google Cloud DNS, which I am, and they currently only support record types which include SOA, A, AAAA, CNAME, MX, NS, SPF, SRV, PTR and TXT: am I able to do it while constricted to these record types? Or do I have to wait until support is hard-coded into the service? I am just wondering because I would really like to ensure absolute integrity for my company so that I only convey realness in it's purity. =D

    Read the article

  • Single Sign On 802.1x Wireless - saying “Connecting to <SSID>”, hangs for 10 seconds, fails with “Unable to connect to <SSID>, Logging on…”.

    - by Phaedrus
    We are implementing WiFi on Windows 7 machines in our corporate environment. Machines should be able to log into the domain by WiFi as the Machine (Pre-Logon), and as the User (Post-Logon). We have everything working correctly except for 2 things: 1) Sometimes the login scripts don't run 2) The user VLAN is sometimes different than the machine vlan, and no DHCP renew occurs after user logon. I am clear that both these problems should be fixable by using the "Single Sign On" Option under the 802.1x Wireless Vista GPO, and setting the wireless to connect immediately before user logon and also by enabling "This network uses different VLAN for authentication with machine and user credentials" If I enable these GPO settings in a lab, the computer does authenticate & gets WIFI before the user logs on, so when the login box is displayed, it says “Windows will try to connect to ”, even though it is already connected (which should be ok?). Enter the user credentials and it goes to a screen saying “Connecting to ”, hangs for 10 seconds, fails with “Unable to connect to , Logging on…”. Desktop fires up and then the user re-authenticates with no problem as himself instead of the machine, but by that point, we defeat the point of the WiFi SSO “before user logon”. Also by that point, no DHCP renew seems to occur, and the user is still stuck with the wrong IP address for the new VLAN. When the “Connecting to ” screen comes up, there’s no indication on the AP or the Radius server that anything whatsoever is happening after credentials are entered until after the domain logon. Also with this policy enabled, sometimes windows hangs on a black screen indefinitely until I disable the Wireless NIC, so something is knackered for sure. What have I missed? Suggestions are much appreciated... /P

    Read the article

  • Add site to trusted sites through GPO

    - by Matt Bear
    I need to add a site to trusted sites on all computers in my domain. I can do it with the "site to zone assignment list", however when I do, it locks trusted sites on the client computer "this setting is managed by your administrator". What I need is a way to add the site, make it persistant, and not affects the users ability to add trusted sites of thier own. (It's a development enviroment, sites are created and tested regularly, they need that ability.)

    Read the article

  • Upgrade manually-installed msi by assigning software through gpo

    - by Mr Happy
    In the past I rolled out software by manually installing it on a "golden" workstation, creating an (ghost)image from that and rolling that out to the other workstations. I try not to do that any more for simple/small software, and when possible (if it's an .msi) I assign the software through gpo. I'm having a problem with one of those. The software was manually installed on the image, which was rolled out, and now I have an update for that software (new msi) and I'd like to assign it through gpo. Don't know if it's relevant but it's user assigned. The new version gets installed alongside with the old version (this is possible since the program folder is different between those versions). When I install the same msi by hand, it properly removes/upgrades the old version though. Is what I am trying to do possible?

    Read the article

  • Lockdown users on Windows Server 2012

    - by el.severo
    I set up a Active Directory on a server machine with Windows Server 2012 and I'd like to create some users with limitations like Windows Steady State does in Windows XP (locally). Seen already the Windows SteadyState Handbook (with Windows Server 2008), but I'd like to know if anyone has tried this before, the limitations are the following: 1. Prevent locked or roaming user profiles that cannot be found on the computer from logging on 2. Do not cache copies of locked or roaming user profiles for users who have previously logged on to this computer 3. Do not allow Windows to compute and store passwords using LAN Manager Hash values 4. Do not store usernames or passwords used to log on to the Windows Live ID or the domain 5. Prevent users from creating folders and files on drive C:\ 6. Lock profile to prevent the user from making permanent changes 7. Remove the Control Panel, Printer and Network Settings from the Classic Start menu 8. Remove the Favorites icon 9. Remove the My Network Places icon 10. Remove the Frequently Used Program list 11. Remove the Shared documents folder from My Computer 12. Remove control Panel icon 13. Remove the Set Program Access and Defaults icon 14. Remove the Network Connection(Connect To)icon 15. Remove the Printers and Faxes icon 16. Remove the Run icon 17. Prevent access to Windows Explorer features: Folder Options, Customize Toolbar, and the Notification Area 18. Prevent access to the taskbar 19. Prevent access to the command prompt 20. Prevent access to the registry editor 21. Prevent access to the Task Manager 22. Prevent access to Microsoft Management Console utilities 23. Prevent users from adding or removing printers 24. Prevent users from locking the computer 25. Prevent password changes (also requires the Control Panel icon to be removed) 26. Disable System Tools and other management programs 27. Prevent users from saving files to the desktop 28. Hide A Drive 29. Hide B Drive 30. Hide C Drive 31. Prevent changes to Internet Explorer registry settings 32. Empty the Temporary Internet Files folder when Internet Explorer is closed 33. Remove Internet Options 34. Remove General tab in Internet Options 35. Remove Security tab in Internet Options 36. Remove Privacy tab in Internet Options 37. Remove Content tab in Internet Options 38. Remove Connections tab in Internet Options 39. Remove Programs tab in Internet Options 40. Remove Advanced tab in Internet Options 41. Set a home page (Internet Explorer) 42. Restrict the possibility to change desktop image 43. Restrict the possibility to change wallpaper 44. Restrict usb flash drives Any suggestions for this? UPDATE: As @Dan suggested me I'd like to specify that would be applied to a educational scenario where students can login from a computer and want to add some restrictions to them.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 282 283 284 285 286 287 288 289 290 291 292 293  | Next Page >