Setting up a Logon Script through GPO in Windows Server 2008. By Daniel Petri - January 8, 2009 As written in the first part of this set of articles, there are two ways to assign Logon scripts.
The first is done on the Profile tab of the user properties dialog in the Active Directory Users and Computers (ADUC). The second is done via Group Policy Objects (GPO). This article will focus on the second method. To read more about the first method please read my "Setting up a Logon Script through Active Directory Users and Computers in Windows Server 2008" article. There are a few benefits for using GPOs to assign scripts: This is why for most scenarios, using GPOs is more useful than doing it the old fashioned way, through ADUC.
Note: Using Windows Server 2008 GPOs to assign logon scripts is mostly the same as it was in Windows 2003, but having some people asking me questions about it in Windows Server 2008 has triggered the writing of this article. Creating the logon script The logon script is the file that does the actual action. A window will open. How can I create a Windows Server 2003 bootable CD-ROM that has Service Pack 1 (SP1) slipstreamed into it? A.
To create a bootable Windows 2003 CD-ROM, you first need to extract the boot sector of an existing Windows 2003 installation CD-ROM. (This procedure should also work to create a Windows XP bootable CD-ROM; simply capture the boot sector of an XP CD-ROM.) To extract the boot sector, I used the IsoBuster CD-ROM and DVD data-recovery tool, which you can download here . After you install IsoBuster, perform these steps: Insert the Windows 2003 CD-ROM that you want to integrate with SP1. Alternatively, you can use a pre-extracted Windows 2003 boot sector file called Windows2003StdCDBootSector.img , which you can download here .
Next, you'll create the new structure for the Windows 2003 with integrated SP1 CD-ROM by performing these steps: Create a new folder on a local file system, and name the folder windows2003sp1. You're now ready to burn this new structure and the boot sector you extracted earlier to a CD-ROM to make a bootable Windows 2003 CD-ROM that has SP1 slipstreamed into it. Laser Printer Parts & Fusers: HP LaserJet, Lexmark, Samsung, Oki. Upside-Down-Ternet. My neighbours are stealing my wireless internet access.
I could encrypt it or alternately I could have fun. I'm starting here by splitting the network into two parts, the trusted half and the untrusted half. The trusted half has one netblock, the untrusted a different netblock. We use the DHCP server to identify mac addresses to give out the relevant addresses. /etc/dhcpd.conf IPtables is Fun! Suddenly everything is kittens! /sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 126.96.36.199 For the uninitiated, this redirects all traffic to kittenwar. For more fun, we set iptables to forward everything to a transparent squid proxy running on port 80 on the machine.
/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1 That machine runs squid with a trivial redirector that downloads images, uses mogrify to turn them upside down and serves them out of its local webserver. The redirection script. ICSI Netalyzr.