[Samba] group policies, domain policies and workstationpolicies without Active Directory??

rruegner robowarp at gmx.de
Tue Dec 9 01:07:29 GMT 2003

Hi, read this tips find on
good old google


nearly every job can be done with the ms tools, ask some qualified win
admins they should know this
i use them with samba to monitor ( root prexec) merge regs domain policies
My logon scripts are created from a template which is in the netlogon share
( use modified example script in samba pack )
and relate them to users machines groups ( ifmember.exe )
with an inteligent combination you can perform nearly every admin job you
the only problem i got known is the automatic install of any kind of
software to the win clients
like netinstall cause there is no freeware program to do this in the same
praktikal way, but there are solutions for some installer types.
the so called pstools can be helpfull as well.

To silently Merge a filename.reg file, use the following syntax:

regedit /s <Drive:>\FolderName\FileName.reg

To export a filename.reg file, in Windows NT 5.x format, use:

regedit /e "<Drive:>\FolderName\FileName.reg" "KeyPath"

Note The quote marks are only required if the 'path' contains spaces.

To export a filename.reg file, in W9x/NT4 format, suitable for merging with
W9x/NT4/NT5 registries, use:

regedit /a "<Drive:>\FolderName\FileName.reg" "KeyPath"

How can I delete a Key or Value Name using a filename.reg file?

Answer: To delete a key, using a filename.reg file, use the following



Example: To delete the HKEY_LOCAL_MACHINE \Software \McAfee Key, including
all sub-keys, and all Value Names, use the following filename.reg file:


[-HKEY_LOCAL_MACHINE \Software \McAfee]

Then run:

regedit /s <Drive:>\Folder\FileName.reg

To delete a Value Name, using a filename.reg file, use the following syntax:



Example: To delete the Tweak UI Value Name from the HKEY_LOCAL_MACHINE
\SOFTWARE \Microsoft \Windows \CurrentVersion \Run key, use the following
filename.reg file:


[HKEY_LOCAL_MACHINE \SOFTWARE \Microsoft \Windows \CurrentVersion \Run]
"Tweak UI"=-

What other tools are available for using the registry in batch?

Answer: If you install the Support Tools from the Windows 2000 CD-ROM, you
can use REG.EXE to Add, Delete, Copy, Compare, Export, Import, Load a Hive,
Query, Save, Restore, and Unload a Hive. To install the Support Tools:

Insert the Windows 2000 CD-ROM into your CD-ROM drive.
Click Browse this CD, and then open the Support\Tools folder.
Double-click Setup.exe, and follow the on-screen instructions.
Using REG.EXE, and Netdom.exe from the Support Tools, you can script a
report of all the Windows NT-based workstations in your domain, listing the
computer name, O/S version, and service pack, and piping the report to

@echo off
if exist c:\report.txt del /q c:\report.txt
For /f "Skip=1 Tokens=1" %%a in ('netdom query /domain WORKSTATION') do call
:computer "%%a"
goto :EOF
set machine=%1
set machine=%machine:"=%
set cv=
set CSD=
if "%machine%" EQU "The" goto :EOF
if "%machine%" EQU "Directory" goto :EOF
for /f "Skip=3 Tokens=2*" %%i in ('reg QUERY "\\%machine%\HKEY_LOCAL_MACHINE
\SOFTWARE \Microsoft \Windows NT\CurrentVersion" /v CurrentVersion') do set
if not defined cv goto :EOF
if "%cv%" LSS "4.0" goto :EOF
for /f "Skip=3 Tokens=2*" %%i in ('reg QUERY "\\%machine%\HKEY_LOCAL_MACHINE
\SOFTWARE \Microsoft \Windows NT\CurrentVersion" /v CSDVersion') do set
@echo %machine% %cv% %csd%>>c:\report.txt

What commands can I use in a logon script?

Answer: A logon script can use any command supported by the client O/S.

If you have a mixture of Windows NT-based clients and other Windows clients,
you can test if the client platform is Windows NT-based by including the
following statement:

if "%OS%"=="Windows_NT" goto winnt

If you need to test for a specific operation system, the following commands
should work on all Microsoft operating systems:

ver | find "Windows XP" >nul
if not errorlevel 1 goto WXP
ver | find "Windows 2000" >nul
if not errorlevel 1 goto W2000
ver | find "Windows NT" >nul
if not errorlevel 1 goto WNT
ver | find "Windows 98" >nul
if not errorlevel 1 goto W98
ver | find "Windows 95" >nul
if not errorlevel 1 goto W95
ver | find "Windows ME" >nul
if not errorlevel 1 goto WME
ver | find "OEM Service Release" >nul
if not errorlevel 1 goto WOEM
ver | find "MS-DOS" >nul
if not errorlevel 1 goto DOS
echo ERROR - What are you running?
goto END

goto end

goto end

goto end

goto end

goto end

goto end

goto end


To define the %USERNAME%, %COMPUTERNAME%, and %LOGONSERVER% environment
variables on non-Windows NT-based Windows clients, install putinenv.exe on
all non-Windows NT-based Windows clients. You must also install WINSET.EXE,
from the Windows CD-ROM, on these clients. You can then use the following
code in your logon script:

if "%OS%"=="Windows_NT" goto winnt
%windir%\putinenv.exe L
%LogonServer%\NetLogon\Winset USERNAME=%USERNAME%
%LogonServer%\NetLogon\Winset LOGONSERVER=%LOGONSERVER%

The most used command in a logon script is net use, used for mapping a drive
letter to a share. The syntax is:

net use <:Drive:> \\ServerName\ShareName[\folder] /persistent:NO

Note See the NET USE help in the ntcmds.chm file for other options. Windows
2000 can map below a share, but downlevel clients cannot. If you have
configured the users home directory, you can use the net use <:Drive:> /home
/persistent:NO syntax.

How can I perform a procedure on all files in a folder?

Answer: The FOR command will allow us to process multiple lines of command
output. We can use the FOR command to pass the results of a DIR to a

If we wanted to rename all .txt files in a folder, whose 2nd-4th character
of the file name was upper case ABC, to a .log file, we could use the
following example.bat file, and pass the folder name as a parameter
(example.bat "C:\Documents and Settings\Jerry\My Documents")

@echo off
if {%1}=={} goto syntax
if not exist %1 goto syntax
set folder=%1
::Set folder as current directory
pushd %1
::Strip quote marks
set folder=%folder:"=%
for /f "Tokens=*" %%a in ('dir /b /a-d "%folder%\*.txt"') do call :isabc
::Return to previous current directory
goto :EOF
@echo Syntax: Example FolderPath
goto :EOF
set filename=%1
::Strip quote marks
set filename=%filename:"=%
::Test 2nd position, for a 3 byte string
if not "%filename:~1,3%" EQU "ABC" goto :EOF
rename %1 *.log

How do I parse a file name parameter into its' constituent parts?

Answer: When you invoke a batch file with a parameter (%1), you are able to
parse it to extract meaningful information.

Note Command Extensions ( /E:ON ), enabled by default, must be on.



 The normal parameter.


 expands %1 to a fully qualified path name.


 expands %1 to a drive letter only.


 expands %1 to a path only.


 expands %1 to a file name only (prefix)


 expands %1 to a file extension only.


 changes the meaning of n and x options to reference the short name.

You can use these modifiers in combination:



 expands %1 to a drive letter and path only.


 expands %1 to a file name and extension only.

To determine where a batch file was run from, use %~dp0

I have scripted demo.bat to display the various parsing of a file/folder
name parameter. Demo.bat contains:

@echo off
@echo Batch file: %~dp0
If {%1}=={} @echo No parameter specified&goto :EOF
If {%1}=={} goto :EOF
@echo ^%%1=%1
@echo ^%%~f1=%~f1
@echo ^%%~d1=%~d1
@echo ^%%~p1=%~p1
@echo ^%%~n1=%~n1
@echo ^%%~x1=%~x1
@echo ^%%~s1=%~s1
@echo ^%%~dp1=%~dp1
@echo ^%%~nx1=%~nx1
::Shift parameter string
goto :loop

If I type:

demo "C:\Documents and Settings\Jerry\My Documents\My Pictures\Jerold.jpg"
%SystemRoot%\Notepad.exe "%userprofile%"

demo.bat will display:

Batch file: C:\Util\

%1="C:\Documents and Settings\Jerry\My Documents\My Pictures\Jerold.jpg"
%~f1=C:\Documents and Settings\Jerry\My Documents\My Pictures\Jerold.jpg
%~p1=\Documents and Settings\Jerry\My Documents\My Pictures\
%~dp1=C:\Documents and Settings\Jerry\My Documents\My Pictures\


%1="C:\Documents and Settings\Jerry"
%~f1=C:\Documents and Settings\Jerry
%~p1=\Documents and Settings\
%~dp1=C:\Documents and Settings\

How do I perform calculations?

Answer: The SET command can perform calculations. When you type SET /?, part
of the help display contains:

"The /A switch specifies that the string to the right of the equal sign is a
numerical expression that is evaluated. The expression evaluator is pretty
simple and supports the following operations, in decreasing order of

() - grouping
* / % - arithmetic operators
+ - - arithmetic operators
<< >> - logical shift
& - bitwise and
^ - bitwise exclusive or
| - bitwise or
= *= /= %= += -= - assignment
&= ^= |= <<= >>=
, - expression separator

If you use any of the logical or modulus operators, you will need to enclose
the expression string in quotes. Any non-numeric strings in the expression
are treated as environment variable names whose values are converted to
numbers before using them. If an environment variable name is specified but
is not defined in the current environment, then a value of zero is used.
This allows you to do arithmetic with environment variable values without
having to type all those % signs to get their values. If SET /A is executed
from the command line outside of a command script, then it displays the
final value of the expression. The assignment operator requires an
environment variable name to the left of the assignment operator. Numeric
values are decimal numbers, unless prefixed by 0x for hexadecimal numbers,
and 0 for octal numbers. So 0x12 is the same as 18 is the same as 022.
Please note that the octal notation can be confusing: 08 and 09 are not
valid numbers because 8 and 9 are not valid octal digits."

We can script Yesterday.bat to calculate yesterdays date, returning the
PDMM, PDDD, and PDYY environment variables:

@echo off
call univdate
::Force non-leading zero, as it may cause failure
set /a PDDD=1%DD% - 101
set /a PDMM=1%MM% - 100
set /a PDYY=%YY%
if %PDDD% GTR 0 goto return
set /a PDMM=%PDMM% - 1
if %PDMM% GTR 0 goto isleap
set /a PDDD=31
set /a PDMM=12
set /a PDYY=%PDYY% - 1
goto return
if not %PDMM% EQU 2 goto days%PDMM%
::Temporarily use PDDD as a work field
set /a PDDD=%PDYY% / 4
set /a PDDD=%PDDD% * 4
if %PDDD% EQU %PDYY% goto leap
set /a PDDD=28
goto return
set /a PDDD=29
goto return
set /a PDDD=31
goto return
set /a PDDD=30
::Force leading zero when day or month is single digit
set /a PDDD=%PDDD% + 100
set PDDD=%PDDD:~1,2%
set /a PDMM=%PDMM% + 100
set PDMM=%PDMM:~1,2%

Note To calculate that the year was divisible by 4, a leap year, I could
have replaced:

set /a PDDD=%PDYY% / 4
set /a PDDD=%PDDD% * 4
if %PDDD% EQU %PDYY% goto leap


set /a PDDD= %PDYY% ^%% 4
if %PDDD% EQU 0 goto leap

How do I test / manipulate strings?

Answer: If your batch script needs to determine if a string is a sub-set of
a larger string, the easiest method is to use environment variable string

set work=%string:substring=%
if not "%work%" EQU "%string%" @echo %string% contains substring.

If the substring is an environment variable, set work=%string:%substring%=%
or set work=%%string:%substring%=%% does NOT work.

You can use the FOR command to parse this expression, but using the CALL
command is much easier:

call set work=%%string:%substring%=%%
if not "%work%" EQU "%string%" @echo %string% contains %substring%.

To determine if your path contains a specific folder, call chkpath "folder"

Example: call chkpath "c:\program files\support tools", where chkpath.bat

@echo off
set $chkpath=N
if {%1}=={} goto syntax
set fold=%1
:: Strip quotes
set folder=%fold:"=%
call set work=%%path:%folder%=%%
if "%work%" EQU "%path%" goto :end
set $chkpath=Y
goto :end
@echo Syntax: ChkPath Folder
endlocal&set $chkpath=%$chkpath%

Note chkpath.bat sets the $chkpath environment variable to Y if the string
is found.

If you need to determine the position and length of the "folder" string in
the path, chkpath.bat should contain:

@echo off
set /a $pos=0
set /a $len=0
set $chkpath=N
if {%1}=={} goto syntax
set fold=%1
:: Strip quotes
set folder=%fold:"=%
call set work=%%path:%folder%=%%
if "%work%" EQU "%path%" goto :end
set $chkpath=Y
set find=%folder%###
call set work=%%find:~%$len%,^3%%
if "%work%" EQU "###" goto fndpos
set /a $len=%$len% + 1
goto lenloop
call set work=%%path:~%$pos%^,%$len%%%
if /i "%work%" EQU "%folder%" goto :end
set /a $pos=%$pos% + 1
goto fndpos
@echo Syntax: ChkPath Folder
endlocal&set $chkpath=%$chkpath%&set /a $pos=%$pos%&set /a $len=%$len%

Note $pos starts at position 0.

Sample Usage
set look=c:\program files\support tools
call chkpath "%look%"
if "%$chkpath%" EQU "Y" @echo %look% is at position %$pos% for a length of

How do I read a file and process the lines of text?

Answer: To process the contents of a text file, you can parse it with the
FOR command:

for /f "Tokens=*" %%a in (filenName.Extension) do set line=%%a&call :parse

for /f "Tokens=*" %%a in ('type "filenName.Extension"') do set line=%%a&call

Note See FOR /? for additional options.

Example: To display only those keys that have dword values, and their dword
values, in a c:\folder\registry.reg file:

@echo off
set key=
for /f "Tokens=*" %%a in ('type d:\zipnew\zz.reg') do set line=%%a&call
goto :EOF
::Strip command control codes
set work=%line:"=%
set work=%work::=%
set work=%work:(=%
set work=%work:)=%
set work=%work:^&=%
set work=%work:^|=%
set work=%work:^>=%
set work=%work:^<=%
set work=%work:^%=%
set work=%work:^!=%
set work=%work:^;=%
::Save the key
if {%work:~0,1%}=={[} set key=%line%&goto :EOF
set dw=%work:dword=%
if "%dw%" EQU "%work%" goto :EOF
@echo %key% - %line%

How do I launch a process at a different priority?

Answer: When you type start /?, you receive:

Starts a separate window to run a specified program or command.

START ["title"] [/Dpath] [/I] [/MIN] [/MAX] [/SEPARATE | /SHARED]
[/WAIT] [/B] [command/program]

"title" Title to display in window title bar.
path Starting directory
B Start application without creating a new window. The
application has ^C handling ignored. Unless the application
enables ^C processing, ^Break is the only way to interrupt
the application
I The new environment will be the original environment passed
to the cmd.exe and not the current environment.
MIN Start window minimized
MAX Start window maximized
SEPARATE Start 16-bit Windows program in separate memory space
SHARED Start 16-bit Windows program in shared memory space
LOW Start application in the IDLE priority class
NORMAL Start application in the NORMAL priority class
HIGH Start application in the HIGH priority class
REALTIME Start application in the REALTIME priority class
ABOVENORMAL Start application in the ABOVENORMAL priority class
BELOWNORMAL Start application in the BELOWNORMAL priority class
WAIT Start application and wait for it to terminate
If it is an internal cmd command or a batch file then
the command processor is run with the /K switch to cmd.exe.
This means that the window will remain after the command
has been run.

If it is not an internal cmd command or batch file then
it is a program and will run as either a windowed application
or a console application.

parameters These are the parameters passed to the command/program

If Command Extensions are enabled, external command invocation
through the command line or the START command changes as follows:

non-executable files may be invoked through their file association just
by typing the name of the file as a command. (e.g. WORD.DOC would
launch the application associated with the .DOC file extension).
See the ASSOC and FTYPE commands for how to create these
associations from within a command script.

When executing an application that is a 32-bit GUI application, CMD.EXE
does not wait for the application to terminate before returning to
the command prompt. This new behavior does NOT occur if executing
within a command script.

When executing a command line whose first token is the string "CMD "
without an extension or path qualifier, then "CMD" is replaced with
the value of the COMSPEC variable. This prevents picking up CMD.EXE
from the current directory.

When executing a command line whose first token does NOT contain an
extension, then CMD.EXE uses the value of the PATHEXT
environment variable to determine which extensions to look for
and in what order. The default value for the PATHEXT variable


Notice the syntax is the same as the PATH variable, with
semicolons separating the different elements.

When searching for an executable, if there is no match on any extension,
then looks to see if the name matches a directory name. If it does, the
START command launches the Explorer on that path. If done from the
command line, it is the equivalent to doing a CD /D to that path.

How do I display the current directory in the Title bar of a batch files
command Windows?

Answer: The start command can set the initial Title in a command Window.

To cause the batch file to display the current directory every time it
changes, add the following commands after each current directory change:

for /f "Tokens=*" %%i in ('CD') do set CurDir=%%i
title %CurDir%

How can a batch file alter the size of its' CMD Window?

Answer: If you want to scroll the CMD window while a batch file is running,
you can alter the Windows width (characters) and depth (screen buffer lines)
by issuing a mode command in the batch file:

mode con[:] [cols=c] [lines=n]


con[:] indicates the change is to be made to the current command prompt

cols=c specifies the width, c, in characters.

lines=n specifies the number of lines, n, in the screen buffer.

Example: mode con: cols=100 lines=999

How can I get a batch file to prompt for user input?

Answer: The SET command support the /P switch:

SET /P variable=[promptString]

"The /P switch allows you to set the value of a variable to a line of input
entered by the user. Displays the specified promptString before reading
the line of input. The promptString can be empty."

Example: To prompt for folders to DIR:

@echo off
::undefine the %folder% environment variable
set folder=
set /p folder=Type the folder path and press Enter. When finished, press
if {%folder%}=={} goto :end
if not exist %folder% @echo %folder% does NOT exist.&goto :loop
dir %folder%
goto loop

How can I get a batch file to 'sleep' for n seconds?

Answer: The Windows 2000 Resource Kits provide sleep.exe to allow a batch
file to sleep for n seconds.

You can emulate this behavior by using the PING (Packet InterNet Groper)

ping -n seconds+1>nul

To sleep for 15 seconds, type:

ping -n 16>nul

How can I get a batch file to beep for attention?

Answer: To cause a batch file to beep for attention, you need to send a BEL

To create a Bell.bat in your path:

At a CMD prompt, switch (CD) to a folder in your path.
edit bell.bat
<ALT+S> (Saves bell.bat)
<ALT+X> (Exits edit)

Note <> indicates that you type the key(s) within the <>.

When you need to beep for attention:

call bell

How do I pipe batch output, including commands and responses, to a log file?

Answer: The general syntax for piping batch output, including commands and
responses, to a log file is:

Drive:\BatFolder\BatchName.bat>Drive:\LogFolder\LogName.log 2>&1

What is delayed environment variable expansion?

The default behavior of the CMD command processor is to evaluate an
environment variable once per statement execution.

To demonstrate this behavior, assume that your c:\test folder has 3 files:


If you run a batch script containing:

@echo off
cd /d c:\test
@echo on
set LIST=
for %%i in (*) do set LIST=%LIST% %%i
echo %LIST%

You would see the following:

C:\TEST\>set LIST=
C:\TEST\>for %i in (*) do set LIST= %i
C:\TEST\>set LIST= File1.txt
C:\TEST\>set LIST= File2.txt
C:\TEST\>set LIST= File3.txt
C:\TEST\>echo File3.txt
C:\TEST\> File3.txt

You can see from this example that the LIST variable is expanded just once
when the FOR statement is executed. Since LIST was empty, only the last file
found is set into the variable.

Windows 2000 supports delayed environment variable expansion. You must
enable delayed environment variable expansion for the CMD session by using
the CMD /V:ON switch, or by issuing a setlocal ENABLEDELAYEDEXPANSION

With delayed environment variable expansion enabled, you can use the !
instead of the %, as follows:

@echo off
cd /d c:\test
@echo on
set LIST=
for %%i in (*) do set LIST=!LIST! %%i
echo %LIST%

This yields the following output:

C:\TEST\>set LIST=
C:\TEST\>for %i in (*) do set LIST=!LIST! %i
C:\TEST\>set LIST=!LIST! File1.txt
C:\TEST\>set LIST=!LIST! File2.txt
C:\TEST\>set LIST=!LIST! File3.txt
C:\TEST\>echo File1.txt File2.txt File3.txt
C:\TEST\> File1.txt File2.txt File3.txt

You can have delayed environment variable expansion enabled by default, if
you use Regedt32 to navigate to either of the following keys:

HKEY_LOCAL_MACHINE \Software \Microsoft \Command Processor

HKEY_CURRENT_USER \Software \Microsoft \Command Processor

On the Edit menu, Add Value name DelayedExpansion, as a REG_DWORD data type.
A data value of 1 enables delayed environment variable expansion and a data
value of 0 disables it. Invoking the /V:ON or /V:OFF switch on CMD.EXE
and/or using the setlocal ENABLEDELAYEDEXPANSION command, overrides the
registry setting for the CMD session.

What are the conditional processing symbols?

Answer: From the ntcmds.chm file:

Conditional processing symbols give you control over the execution of
Processing Commands Conditionally You use conditional processing symbols to
multiple commands from the same prompt and to act based on the results of a
The ampersand (&) separates multiple commands on one command line.
The parentheses groups multiple commands.
The semicolon or comma (; ,) separate command parameters.
The caret (^) cancels a subsequent command symbol's special meaning so you
can use a
command symbol as text.
The double ampersand (&&) causes the command following this symbol to run
only if the
command preceding the symbol is successful.
The double pipe (||) causes the command following this symbol to run only if
the command
preceding the symbol fails.


dir filename.txt>nul && type filename.txt is equivalent to if exist
filename.txt type filename.txt

dir filename.txt>nul || @echo.>filename.txt is equivalent to if not exist
filename.txt @echo.>filename.txt

How do I send a pop-up message?

Answer: The syntax of the net send command is:

net send {name | * | /domain[:name] | /users} message

To send a pop-up to all users in your domain, type:

net send /domain This is a message.

Note Windows NT-based client run the Messenger service by default. Other
Windows clients must be running Winpopup.exe to receive the message.

net send jennifer hello will send hello to Jennifer, if she is logged on.

net send /users hello will send hello to all users that are connected to
your computer.

To send a files contents to logged on members of one or more domain groups,

call sendfilegroup filename.txt group1 [group2 group3 ... groupn], where
sendfilegroup.bat contains:

@echo off
if {%2}=={} (echo usage: sndflegrp msgfile group-list) & (goto :EOF)
if not exist %1 (echo usage: sndflegrp msgfile group-list) & (goto :EOF)
set msg=
for /f "Tokens=*" %%m in ('type %1') do set msg=!msg! %%m
if {%2}=={} endlocal&goto :EOF
for /f "Skip=8 Tokens=*" %%i in ('net group %2 /domain') do call :msg "%%i"
shift /2
goto :LOOP
If %1=="The command completed successfully." goto :EOF
set users=%1
set user=%users:~1,20%##
call :sndmsg>nul 2>&1
if "%user%"=="" goto end
set user=%users:~26,20%##
call :sndmsg>nul 2>&1
if "%user%"=="" goto end
set user=%users:~51,20%##
call :sndmsg>nul 2>&1
goto :EOF
set user=%user: =%
set user=%user: ##=##%
set user=%user:##=%
set user=%user:"=%
if "%user%"=="" goto :EOF
set comp=%user%
set comp=%comp:$=%
if "%comp%"=="%user%" net send "%user%" %msg%

How do I execute a command in every sub-folder?

Answer: The FOR /R command is meant to traverse sub-folders.

The general syntax is:

FOR /R [[drive:]path] %variable IN (set) DO command [command-parameters]

Walks the directory tree rooted at [drive:]path, executing the FOR
statement in each directory of the tree. If no directory
specification is specified after /R then the current directory is
assumed. If set is just a single period (.) character then it
will just enumerate the directory tree.


To delete every *.log file in all the folders of your profile, type:

for /r "%userprofile%" %i in (*.log) do del /q "%i"

Note If used in a batch file, the %variable% must be %%vari

Give me a feedback

Copyright © 2000-2001, Somtips, All rights reserved.

----- Original Message ----- 
From: "kyle" <kyle at navegalia.com>
To: <samba at lists.samba.org>
Sent: Monday, December 08, 2003 9:57 PM
Subject: Re: [Samba] group policies, domain policies and workstationpolicies
without Active Directory??

> On Mon, 8 Dec 2003 09:47:36 +0200 (EET)
> Hannu Tikka wrote:
> > Haven't tested this yet, but I have thought to create a scheduled task
> > which runs on Administrator privileges a .bat from netlogon share at
> > logon. To that .bat I can put all updates that needs to run with
> > Administrator rights.
> > Does this sound like a potential solution?
> yes, of course... good old cron on unix systems ;-)
> what I'm not very sure is how to apply specific constrains to specify
> since they all members of the domain. How should I craft the .reg file I
> import on the registry?
> -- 
> Window$ Macht Frei!
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list