|
Posted by Roger Abell [MVP] on October 24, 2005, 10:21 am
If you were Registered and logged in, you could reply and use other advanced thread options
I am unsure of the repro steps for your scenario, but the way to
deliver a login script to a specific group of users is to have it defined
in a GPO that applies for only that group of users, either by the OU
where linked, or by security group filtering in the GPO definition.
I would need to test this out, but the sce client-side engine runs as
the system, so it may be that this is how the script is getting pulled
over - although it is true, as you have said, that a login/logoff script
is executed in the account's context.
>I have a login script set in my Default Domain policy. I don't want that
> script to run for a specific set of users. So I put their accounts in a
> group and set DENY read and execute permissions on the script on my DC(s).
> The scipt still seems to run for certain users. I verified that they are
> members of the group with the Deny permissions but the scipt still runs?!?
> How can the scipt be running since I've always understood that the scipts
> run
> with the users permissions? Thanks for any help.
| 
XML site map