I need to run a logon script whenever a user logs in to the AD. This script will run a custom exe file ( custom.exe ) with parameters. One of the parameter is a binary file which I do not want others to view, including the logged on user. This binary file can only be used by custom.exe . An output file will be created by custom.exe on the User’s home directory.
My questions are
1) How can I secure this binary file on the NetLogon folder from prying eyes or the ability to copy/move it?
2) Do i install the custom.exe on the user’s workstation, or on the Active Directory folder?