Search the Petri IT Knowledgebase

The Unofficial M365 Changelog

Sponsors

Podcasts

Learning Center
search icon

close

Icon for Latest Whitepaper

Latest Whitepaper

Choosing an MFA Solution for Your Active Directory Environment? Ask These 15 Questions.
Icon for On-Demand Webinar

On-Demand Webinar

Combating Cyberattacks in 2022: Prepare to Defend Your Active Directory
Icon for Upcoming Conference

Upcoming Conference

GET-IT Microsoft Cloud Security and Compliance 1-Day Virtual Conference
Icon for Ebook

Ebook

The Forrester New Wave™: SaaS Application Data Protection, Q4 2021

Home

Active Directory

Run a Script or Batch File with Administrative Privileges as Windows Starts

Author avatar - Russell Smith

Russell Smith

 |

Apr 22, 2014

Logon scripts have long been used to configure users’ desktop environments, adding network drive mappings and desktop shortcuts etc. But there are some tasks that require administrative privileges and can’t be executed as part of a logon script if users don’t have administrative access to their PCs. In this Ask the Admin, I’ll show you how to configure a Group Policy Object (GPO) to run a startup script with administrative privileges.

Computer Startup Scripts vs. Logon Scripts

Startup scripts run just before the boot process gets to the logon screen, and in the context of the local computer account, which has local administrative privileges. Startup scripts can be stored in the GPO itself, removing the need to configure a network share.

advertisment

Configure a Computer Startup Script

Log on to a Windows Server 2012 R2 domain controller (DC) with a domain administrator account and follow the instructions below.

Create a new Group Policy Object in Active Directory:

  • Open Server Manager using the icon on the desktop taskbar or from the Start screen.
  • In the Tools menu, select Group Policy Management.
  • In the Group Policy Management Console (GPMC), expand your Active Directory (AD) forest, domain and click the Group Policy Objects container.
  • Right-click the Group Policy Objects container and select New from the menu.
  • In the New GPO dialog box, give the new Group Policy Object (GPO) a name and press OK.
  • Now right-click the new GPO in the right pane and select Edit from the menu.

Add the startup script settings to the GPO:

  • In the left pane of the Group Policy Management Editor window, expand Computer Configuration, Policies and click Scripts.
  • In the right pane, double-click Startup.
  • On the Scripts tab of the Startup Properties dialog, click Show Files. Copy the file(s) you want to run to this location.
  • Once the script you want to run has been added to the GPO, click Add on the Scripts tab.
  • Click Browse in the Add a Script dialog and select the file using the file browser.  Additionally in the Add a Script dialog, you can optionally specify parameters to configure how the script runs. Click OK to continue.

Configure a computer startup script in Group Policy

advertisment

You can additional scripts and set the order in which they run by using the Up and Down buttons. Additionally, PowerShell scripts can be added on a separate tab and set to run before or after scripts specified on the first tab.

  • Complete the configuration by clicking OK in the Startup Properties window.
  • Close the Group Policy Management Editor window.

Finally, link the GPO to an OU, domain, forest or site:

  • Back in GPMC, decide where you want to link the new GPO. Right click the desired OU, domain, site or forest in the left pane and select Link an Existing GPO from the menu.
  • In the Select GPO dialog, select the GPO you just created and click OK.

The startup script will now run on computers that have the GPO applied. For more information on using the Group Policy Management Console and linking GPOs, see Working with Group Policy on Petri.

More from Russell Smith

TwiIT ep21

Project Volterra, Hybrid Loop, and NPUs to Supercharge AI on Your Devices
TWiIT ep20

Windows 11 Approved for Broad Deployment and 'One Outlook' Drops for Insiders
This Week in IT Ep 19

Microsoft Takes on Rival Calendly with Outlook Bookings - Plus the Latest IT News Updates

advertisment

Petri Newsletters

Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.

advertisment

More in Active Directory

Windows Server 4 Hero Approved

Microsoft Releases Out-Of-Band Patches to Fix Windows AD Authentication Issues

May 20, 2022 | Rabia Noureen

Cloud Conversations

Cloud Conversations – Ståle Hansen on Digital Wellbeing and Viva Explorers

May 19, 2022 | Laurent Giret

Network Security

How to Access Active Directory

May 17, 2022 | Michael Reinders

Cloud Computing

Microsoft Rolls Out Azure AD Verifiable Credentials Service to More Customers

May 11, 2022 | Rabia Noureen

Network Security

Active Directory vs. Azure AD (and Other Identity Providers)

May 9, 2022 | Michael Taschler

Security

Apple Finally Discontinues Support for macOS Server App

Apr 25, 2022 | Rabia Noureen

Most popular on petri

X

Log in to save content to your profile.

Login

Sign Up

Username/Email

Password

Forgot Password?

Login

Article saved!

Access saved content from your profile page. View Saved

Reach out

Contact Us

Advertising

About Us

Media Kit

Learn More

Podcasts

Learning Center

Webinars

Sitemap

Windows

Cloud

Office 365

Servers

Join The Conversation

Create a free account today to participate in forum conversations, comment on posts and more.

Copyright ©2019 BWW Media Group

Terms and Conditions of Use

 |

Privacy Policy