using the memberof option will preserve existing members in the target group
using the member option will NOT preserve existing members in the target group
(if I'm correct the administrator account is not removed form the
administrators group)
The fun part with restricted groups feature is that it will "protect" the
configuration while the server is running and startup scripts will not
#JORGE#
________________________________
From: [EMAIL PROTECTED] on behalf of Frank Abagnale
Sent: Wed 7/27/2005 11:26 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Startup Scripts...
Thanks Jorge,
I only want this script to run at Startup, it's for new servers that are built,
as soon as they logon I want the group to populate to the local group so that
our Ops team have access. The existing servers already have been done via a
previous script.
My knowledge of Restricted groups is limited, but from what I read its quite
powerful. Does Restricted Groups remove the existing members of a local
administrators group on a Server or Workstation once it's been enabled.
"Almeida Pinto, Jorge de" <> wrote:
oh yes they do... however only when the server is starting the startup
script will run. while the server is running then the startup script will not
run
Sam applies for shutdown scripts, logon scripts and logoff scripts ->
only when resp. shutdown, logon, or logoff occurs
What you want to use is the restricted groups with the memberof option.
(also through GPOs)
The member option dictates what the members of a group are and each
member in the group but not in the list will be removed
The memberof option does not dictated who the members are. It only says
that some sec. princ. is a member of a group
Cheers
#JORGE#
________________________________
From: [EMAIL PROTECTED] on behalf of Frank Abagnale
Sent: Wed 7/27/2005 10:43 AM
To: Active
Subject: [ActiveDir] Startup Scripts...
Hi,
I plann! ed to use a startup script to populate a global group to a
local group on series of Windows 2003 Servers in a single w2k3 domain so that
any new Servers which are built other than myself will be automatically
populated with this group. The Servers are placed in an sub OU.
My colleague has just said Startup Scripts do not run against
Servers....is this correct?
If this is, does anyone have ideas as to how I get the group to
automatically populate to all new Server builds without having to do it
manually.
thanks,
- Frank
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party! . If you are not an
intended recipient then please promptly delete this e-mail and any attachment
and all copies and inform the sender. Thank you.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
________________________________
Start your day with Yahoo! - make it your home page
<http://us.rd.yahoo.com/evt=34442/*http://www.yahoo.com/r/hs>
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
