Who is good with *.adm file creation?

Permabanned
Joined
22 Apr 2007
Posts
1,805
I'm looking to create a .adm template to apply to Group Policy to make a permanent regisrty entry on client PCs (using Active Directory).

Just wondering if anyone has done this before?
 
just use the group policy editor to run a script that imports a reg file. :)

1) open the group policy editor and then right click to edit which policy you want to use.

2) expand computer configuration>windows settings>scripts>startup

3) click on the show files button. this will open up explorer. inside this folder you need to create 2 files.

startup.cmd which you will edit in notepad to contain this......

regedit /s logon.reg

now we need a file called logon.reg which will contain the registry entry. i assume this is following on from your logon prompt thread so the text for the regfile would be this....

Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LogonPrompt"="blah blah"

with those 2 files saved, close the explorer window. now click the add button and choose the .cmd file you have just created. that's it. :)
 
I see,

But how will this work post logon? Or will it write the entry to the registry once, so, next time the user logs on the message appears, and then the script continues to run everytime they logon (incase the registry entry was changed)
 
marc2003 said:
2) expand computer configuration>windows settings>scripts>startup

by doing this, we are applying it to the pc itself. the script will run everytime the machine starts up. it will run every boot unless you remove the policy startup setting. bear in mind though, that the registry is modified on the local pc so removing the script won't remove the prompt from every pc. to do that, you would have to import a different reg file....

Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LogonPrompt"=-

note the minus sign. that's what would delete it. :)
 
Thank you very much for your help.

I've had a play today and found a slightly more effective way.

I created an ADM file and added it as a template to the GPO.

I then set the filter to allow changes to all templates and managed to set it up this way so its covered by GP whatever the situation.

Here's the script I created:-

Code:
CLASS MACHINE

CATEGORY !!Winlogon

	POLICY !!DefaultDomainNameBox
		 KEYNAME "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
			PART !!DefaultDomainNameBox 
			EDITTEXT
			DEFAULT !!DefaultDomainName_default
			VALUENAME "DefaultDomainName"
			END PART
	END POLICY

	POLICY !!WelcomeBox
		 KEYNAME "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
			PART !!WelcomeBox 
			EDITTEXT
			DEFAULT !!Welcome_default
			VALUENAME "Welcome"
			END PART
	END POLICY

	POLICY !!LogonPromptBox
		 KEYNAME "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
			PART !!LogonPromptBox 
			EDITTEXT
			DEFAULT !!LogonPrompt_default
			VALUENAME "LogonPrompt"
			END PART
	END POLICY

END CATEGORY

[strings]
Welcome_default="CUSTOMISE THE BLUE BAR"
LogonPrompt_default="YOUR LEGAL NOTICE HERE
DefaultDomainName_default="MYDOMIAN"
WelcomeBox="Enter Login screen title"
LogonPromptBox="Enter custom login prompt"
DefaultDomainNameBox="Enter Default Domain Name"
Winlogon="Configure Login Prompt & Default Domain"
 
thanks, yeah me too. Searched for a bit but its hard to describe exactly what you want as most just talk about the standard pop up window between CTRL, ALT, DEL and the logon window.

Thanks again
 
Back
Top Bottom