I'm currently working on a customized Windows installation ISO, where local GPOs are predeployed (using LGPO.exe (Local Group Policy Object Utility) and SetupComplete.cmd). This image is targeted primarily for standalone (not domain joined) clients, therefore local GPOs. I some cases this customized version of Windows may join a domain. In this case I like to run a Powershell script automatically, that fixes certain local GPOs that may conflict with domain GPOs. This should be transparent for the administrator that does the domain join. Is there a registry key or any other method I can use to accomplish this?
2
-
When you say "Executing Powershell script automatically on domain join" and if that is the particular thing you are asking about "Is there a registry key or any other method I can use to accomplish this?" then yes. You can have a schedule task that runs a powershell script to check whether or not it is domain joined, and then if so, run, and have it only run once. Or else you can have GPOs that run some script as a startup script just once with logic in the script that knows if it has run or not (e.g. check for run file) and you put that in your domain GPOs. I've done it both ways.– Vomit IT - Chunky Mess StyleCommented Mar 24 at 1:15
-
You can also use unattended file to run scripts after imaging as part of sysprep so you could have an image for domain and another for non-domain if it's important to run at domain join rather than domain join, then reboot (or move machine to AD OU then reboot) to have run-once script run.– Vomit IT - Chunky Mess StyleCommented Mar 24 at 1:16
Add a comment
|