Geek asks and answers

Is there a way to programmatically add a startup script to a local group policy?

I need to write a script that can add itself to startup scripts in local group policy so that it can run even if no user is logged in. You can do this using gpedit.msc and go to Computer Configuration> Windows Settings> Scripts> Startup. However, I did not find a way to do this programmatically.

I looked just editing the registry. I found an appropriate location HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Scripts\Startup, but just adding my own entry has no effect. The computer is not part of a domain.

Does anyone know how to do this? Is there a WMI approach?

+3
source share
4

script , , . ,

  • script scripts.ini( script : "0CmdLine =" "0Parameters =".
  • (, "1CmdLine = myscript.vbs" "1Parameters ="
  • "version =" gpt.ini
  • Gpupdate,

: gpt.ini UTF-8, scripts.ini Unicode. M $!

, .

+2

, %windir%\system32\GroupPolicy\gpt.ini, [{42B5FAAE-6536-11D2-AE5A-0000F87571E3}{40B6664F-4972-11D1-A7CA-0000F87571E3}] gPCMachineExtensionNames Version . ().

script , , gpt.ini. script, , HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Startup\0, .

, , , , , , . , ...\Scripts\Startup\0, ...\Scripts\Startup\1 .

, , , .

gpupdate, .

+1

gpupdate/force. % systemroot%\System32\GroupPolicy % systemroot%\System32\GroupPolicy .

0

, , ( ).

please find below my batch for script expansion.

you only need 2 or 3 parameters, for example, at the end of the script.

also, keep in mind to edit gpt.ini if ​​necessary!
more information on gpt.ini here
The easiest way to determine the GUID is to edit the gpedit.msc file and see the changes.

be careful with the script and test it before using it in a productive environment!

@echo off
setlocal enabledelayedexpansion

REM get parameter for scripts.ini changes
if not "%~1"=="" (
set type=%1
) else (
goto enderror
)
if not "%~2"=="" (
set cmd=%2
) else (
goto enderror
)
if not "%~3"=="" (
set params=%3
) else (
set params=
)

if not exist scripts.ini echo. 2>scripts.ini

if exist scripts.ini (
set ctr=0

for /f %%a in (scripts.ini) do (
    echo %%a | findstr /C:"[Logon]" 1>nul
    if not errorlevel 1 (
    set /a ctr+=1
    )
)
if !ctr!==0 (
    echo [Logon]>>scripts.ini
)

set ctr=0

for /f %%a in (scripts.ini) do (
    echo %%a | findstr /C:"[Logoff]" 1>nul
    if not errorlevel 1 (
    set /a ctr+=1
    )
)
if !ctr!==0 (
    echo [Logoff]>>scripts.ini
)
)

REM remove scripts-new.ini if exists
if exist scripts-new.ini (
del /F /Q scripts-new.ini
)

REM ctr = number at front for each cmd-param pair - subctr = counter for lines --> pairs - diff = change from Logon to Logoff or vice versa
set ctr=0
set subctr=0
set diff=0
set used=0

for /f %%a in (scripts.ini) do (
set line=%%a

echo !line! | findstr /C:"[Logoff]" 1>nul
if not errorlevel 1 (
    if !diff!==1 goto endlogon
)

echo !line! | findstr "CmdLine=!cmd!" 1>nul
if not errorlevel 1 (
    set /a used+=1
)

if !diff!==1 (
echo !ctr!!line:~1!>>scripts-new.ini
set /a subctr+=1
if !subctr!==2 (
    set /a ctr+=1
    set subctr=0
)
)

echo !line! | findstr /C:"[Logon]" 1>nul
if not errorlevel 1 (
    set diff=1
    echo !line!>>scripts-new.ini
)
)

:endlogon

if /I !type!==logon if !used!==0 (
    echo !ctr!CmdLine=!cmd!>>scripts-new.ini
    echo !ctr!Parameters=!params!>>scripts-new.ini
)

set ctr=0
set diff=0
set used=0

for /f %%a in (scripts.ini) do (
set line=%%a

echo !line! | findstr /C:"[Logon]" 1>nul
if not errorlevel 1 (
    if !diff!==1 goto endlogoff
)

echo !line! | findstr "CmdLine=!cmd!" 1>nul
if not errorlevel 1 (
    set /a used+=1
)

if !diff!==1 (
echo !ctr!!line:~1!>>scripts-new.ini
set /a subctr+=1
if !subctr!==2 (
    set /a ctr+=1
    set subctr=0
)
)

echo !line! | findstr /C:"[Logoff]" 1>nul
if not errorlevel 1 (
    set diff=1
    echo !line!>>scripts-new.ini
)
)

:endlogoff

if /I !type!==logoff if !used!==0 (
    echo !ctr!CmdLine=!cmd!>>scripts-new.ini
    echo !ctr!Parameters=!params!>>scripts-new.ini
)

goto end

:enderror
echo Usage: scripts-extender.bat [LOGON ^| LOGOFF] [Script Name] "[optional Parameters for Script - WITH QUOTES!]"
echo Example: scripts-externder.bat logon netlogon.bat "param1 param2"

:end
move /Y scripts.ini scripts-old.ini
move /Y scripts-new.ini scripts.ini
0
source

More articles:


All Articles